CVE-2023-22504 in Confluence Serverالمعلومات

الملخص

بحسب MITRE • 25/05/2023

Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature.

The affected versions are before version 7.19.9.

This vulnerability was discovered by Rojan Rijal of the Tinder Security Engineering Team.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

مسؤول

Atlassian

حجز

01/01/2023

إفشاء

25/05/2023

الاعتدال

تمت الموافقة

إدخال

VDB-229955

EPSS

0.00747

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you need the next level of professionalism?

Upgrade your account now!