Atlassian Confluence < 8.5.18 / 8.6.x < 9.2.1 / 9.3.x < 9.3.1 / 9.4.x < 9.5.4 / 10.0.x < 10.0.2 / 10.1.0 (CONFSERVER-101486)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101486 advisory. - decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. CVE-2022-38900 Note that Nessus has not tested for this...

EUVD-2017-9223

Malware in sbrugna...

Atlassian Confluence 7.19.x < 7.19.26 (CONFSERVER-98189)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98189 advisory. - moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an...

Atlassian Confluence 3.0.x < 7.19.25 / 7.20.x < 8.5.11 / 8.6.x < 8.9.3 (CONFSERVER-98205)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98205 advisory. - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability...

Atlassian Confluence < 7.19.26 / 7.20.x < 8.5.12 / 8.6.x < 8.9.4 / 9.0.1 (CONFSERVER-97723)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-97723 advisory. - An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java BC Java before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5...

Exploit for Improper Input Validation in Atlassian Confluence_Data_Center

CVE-2023-22515-NSE This repository provides a tool to check f...

Atlassian Confluence 1.0.1 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-95942)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95942 advisory. - Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the...

Atlassian Confluence 6.0.1 < 7.19.18 / 7.20.x < 8.5.5 / 8.6.x < 8.7.2 / 8.8.0 (CONFSERVER-94110)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-94110 advisory. - A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack ...

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center’s date center, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center’s date center, related to insufficient validation of input data, allows attackers to disclose protected information.

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center are related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center’s date center, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center are related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Atlassian Confluence < 7.19.17 / 8.0.x < 8.5.5 / 8.6.x < 8.7.2 (CONFSERVER-93516)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-93516 advisory. - This High severity RCE Remote Code Execution vulnerability was introduced in version 7.19.0 of Confluence Data Center. This RCE Remote Code...

The vulnerability of the Atlassian Confluence Server web server and the date of the Confluence Data Center is related to deficiencies in the authentication process, which allow attackers to increase their privileges.

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center are related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center’s date center, related to access control deficiencies, allows attackers to increase their privileges.

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center are related to lack of access control. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

Atlassian Confluence Server Security Vulnerability

Atlassian Confluence Server is the server version of Atlassian Australia's suite of collaboration software with enterprise knowledge management capabilities and support for building enterprise WiKi. A security vulnerability exists in Atlassian Confluence Server that stems from an unknown...

2022's most routinely exploited vulnerabilities—history repeats

The Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, Federal Bureau of Investigation FBI, and international partners have released a joint Cybersecurity Advisory CSA called the 2022 Top Routinely Exploited Vulnerabilities. We went over the list and it felt like...

The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center’s date center, related to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Atlassian Confluence Server web server and the date center of Confluence Data Center are related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2023-22504

Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature...

Atlassian Confluence Server 代码问题漏洞

Atlassian Confluence Server is the server version of Atlassian Australia's suite of collaboration software with enterprise knowledge management capabilities and support for building enterprise WiKi. A code issue vulnerability exists in Atlassian Confluence Server versions prior to 7.19.9, which...

The vulnerability of the pre-viewing function for macros in Atlassian Confluence Server and the date of the Confluence Data Center, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the preview function for macros on Atlassian Confluence Server and the Confluence Data Center is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informati...