Vulnerability Description
Discourse-jira is a Discourse plugin allows Jira projects, issue types, fields and field options will be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the `discourse_jira_verbose_log` site setting. A moderator user could manipulate the request path to the Jira API, allowing them to perform arbitrary GET requests using the Jira API credentials, potentially with elevated permissions, used by the application.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Discourse | Discourse Jira | <= 2023-10-01 |
Related Weaknesses (CWE)
References
- https://github.com/discourse/discourse-jira/commit/8a2d3ad228883199fd5f081cc93d1Patch
- https://github.com/discourse/discourse-jira/pull/50Patch
- https://github.com/discourse/discourse-jira/security/advisories/GHSA-pmv5-h2x6-3Vendor Advisory
- https://github.com/discourse/discourse-jira/commit/8a2d3ad228883199fd5f081cc93d1Patch
- https://github.com/discourse/discourse-jira/pull/50Patch
- https://github.com/discourse/discourse-jira/security/advisories/GHSA-pmv5-h2x6-3Vendor Advisory
FAQ
What is CVE-2023-44384?
CVE-2023-44384 is a vulnerability with a CVSS score of 4.1 (MEDIUM). Discourse-jira is a Discourse plugin allows Jira projects, issue types, fields and field options will be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to ...
How severe is CVE-2023-44384?
CVE-2023-44384 has been rated MEDIUM with a CVSS base score of 4.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-44384?
Check the references section above for vendor advisories and patch information. Affected products include: Discourse Discourse Jira.