Medium
CVE-2021-43959
Atlassian Jira Service Management Server and Data Center are vulnerable to server-side request forgery, caused by a flaw in the CSV importing feature of JSM Insight. By sending a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to access the content of internal network resources.
Atlassian
Upgrade to the latest version of Jira Service Management Server and Data Center, available from the Atlassian Website.