EUVD-2023-26644

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Atlassian Confluence Server allows remote attackers to upload attachments due to Broken Access Control vulnerability.

Reporter	Title	Published	Views	Family All 13
CNNVD	Atlassian Confluence Server 代码问题漏洞	25 May 202300:00	–	cnnvd
Atlassian	A user with read permissions to a Confluence page is able to upload attachments - CVE-2023-22504	20 Apr 202312:43	–	atlassian
CVE	CVE-2023-22504	25 May 202314:00	–	cve
Cvelist	CVE-2023-22504	25 May 202314:00	–	cvelist
NCSC	Vulnerability fixed in Atlassian Confluence	26 May 202300:00	–	ncsc
NVD	CVE-2023-22504	25 May 202314:15	–	nvd
Prion	Improper access control	25 May 202314:15	–	prion
Positive Technologies	PT-2023-18552 · Atlassian · Confluence	25 May 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-22504	23 May 202505:51	–	redhatcve
Vulnrichment	CVE-2023-22504	25 May 202314:00	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "7ffbc21b-73b2-330d-a4be-032b92cf75b4",
        "vendor": {
          "name": "Atlassian"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "03b6aabb-2343-3eb5-8061-907d73c36154",
        "product": {
          "name": "Confluence Data Center"
        },
        "product_version": "7.20.0"
      },
      {
        "id": "0a164351-7bf3-3865-bf88-3a9f40572948",
        "product": {
          "name": "Confluence Server"
        },
        "product_version": "7.20.0"
      },
      {
        "id": "7099d246-e623-360d-9048-d8c7a1b1bc90",
        "product": {
          "name": "Confluence Server"
        },
        "product_version": "1.1.2"
      },
      {
        "id": "85077f18-be63-3639-8937-bafe15b810b0",
        "product": {
          "name": "Confluence Server"
        },
        "product_version": "7.14.0"
      },
      {
        "id": "a35d88e5-163e-3e63-8dc2-d5635405ef2f",
        "product": {
          "name": "Confluence Data Center"
        },
        "product_version": "1.1.2"
      },
      {
        "id": "c12f92b6-b8de-30de-bc1b-f50a6593bd7c",
        "product": {
          "name": "Confluence Data Center"
        },
        "product_version": "7.14.0"
      }
    ]
  }
]

Source	Link
jira	www.jira.atlassian.com/browse/CONFSERVER-83218

03 Oct 2025 20:07Current

4.7Medium risk

Vulners AI Score4.7

CVSS 34.3

CVSS 3.16.5

EPSS0.00434

SSVC