CVE-2023-22508 - Critical RCE in Confluence Data Center & Server – Exploit, Fix, and What You Need to Know
In June 2023, Atlassian published a security advisory for a high severity Remote Code Execution (RCE) vulnerability in Confluence Data Center and Server – tracked as
CVE-2023-22504 - How Broken Access Control in Atlassian Confluence Lets Users Upload Files Without Write Access
Access control is one of the cornerstones of web application security. When it fails, even in subtle ways, attackers can often do things they shouldn’
CVE-2023-22501 - How Attackers Impersonate Users in Jira Service Management (PoC & Exploit Details)
---
Summary
CVE-2023-22501 is a critical authentication vulnerability found in Jira Service Management Server and Data Center. It allows attackers to impersonate other users and
CVE-2022-42977 - How a Simple Export Feature in Netic User Export Let Attackers Download Any File from Atlassian Confluence
Confluence is one of the most widely used platforms for team collaboration, and add-ons are often required for various business needs. But sometimes, these add-ons accidentally
CVE-2022-42978 - How a Small Authorization Bug in Netic User Export for Confluence Leads to Unauthenticated File Access
Software security bugs are everywhere, but few are as surprising as those that let random users read files they shouldn’t be able to see.