PT-2018-6353 · Atlassian+1 · Trello+2

Published: 2018-01-17 · Updated: 2018-02-02 · CVE-2017-16865

CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Atlassian Jira versions prior to 7.6.1
Description: The issue allows remote attackers to access internal network resources via a Server Side Request Forgery (SSRF) in the Trello importer. This flaw can be used to access a metadata resource that provides access credentials and other potentially confidential information, especially in environments like Amazon EC2.
Recommendations: For versions prior to 7.6.1, update to version 7.6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Trello importer to minimize the risk of exploitation.
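The advisory describes an importer that fetches an attacker-chosen URL server-side and can therefore be pointed at the EC2 instance metadata service. The following is an added example of the outbound-URL check such an importer needs; it is not Jira's code or the 7.6.1 fix, and the hostnames, the resolver table and the public IP it uses are constructed for the demonstration.

```python
"""Outbound-URL check for a server-side importer (constructed example).
Rejects any destination that is not plain http(s) to a public address, so
a request can never reach link-local, private or loopback targets such as
169.254.169.254, the well-known EC2 instance metadata address."""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def _resolve(host, resolver=None):
    """Return every address 'host' resolves to. 'resolver' is a hypothetical
    hook (host -> list of address strings) so the check can run offline."""
    if resolver is not None:
        return resolver(host)
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def is_blocked_address(ip_str):
    """True if the importer must never connect to this address.
    is_private covers 10/8, 172.16/12, 192.168/16, 169.254/16 and fc00::/7;
    the other flags cover loopback, multicast, unspecified and reserved."""
    ip = ipaddress.ip_address(ip_str)
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_import_url(url, resolver=None):
    """Return (ok, reason). Every resolved address must be public, because a
    host with one public and one internal record is still an internal target."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if parts.username or parts.password:
        return False, "credentials in URL"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        addrs = _resolve(host, resolver)
    except (socket.gaierror, OSError, KeyError):
        return False, "unresolvable host"
    if not addrs:
        return False, "unresolvable host"
    for addr in addrs:
        try:
            if is_blocked_address(addr):
                return False, f"resolves to non-public address {addr}"
        except ValueError:
            return False, f"invalid address {addr}"
    return True, "ok"
```

The validated address must also be the one the HTTP client actually connects to (pin it, or re-check on every redirect), otherwise a second DNS lookup or a 302 to an internal host bypasses the check.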

Tags: Fix · SSRF


Weakness Enumeration

Related Identifiers

CVE-2017-16865

Affected Products

Amazon EC2
Jira
Trello