Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_98613HistoryMay 30, 2019 - 12:00 a.m.
Atlassian Confluence < 6.6.12 / 6.7.x < 6.12.3 / 6.13.x < 6.13.3 / 6.14.x < 6.14.2 Template Injection
2019-05-3000:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12, 6.7.0 < 6.12.3, 6.13.0 < 6.13.3 and 6.14.0 < 6.14.2 allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
This vulnerability has been verified using a remote check and should be remediated immediately.
No source data