CVE-2023-22504 in Confluence Server情報

要約

〜によって MITRE • 2023年05月25日

Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature.

The affected versions are before version 7.19.9.

This vulnerability was discovered by Rojan Rijal of the Tinder Security Engineering Team.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

責任者

Atlassian

予約する

2023年01月01日

モデレーション

承諾済み

エントリ

VDB-229955

EPSS

0.00747

アクティビティ

非常低い

ソース

Want to stay up to date on a daily basis?

Enable the mail alert feature now!