Atlassian Confluence 7.1.x < 7.12.3 DLL Hijacking

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.4.10 or 7.5.0 prior to 7.12.3. It therefore may be affected by a weakness when deployed onto the Windows operating system environment allows allow authenticated local...

Confluence < 7.12.3 File Disclosure

File disclosure vulnerability in Confluence Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

CVE-2021-26085

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3...

Arbitrary file deletion

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3...

CVE-2021-26085

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. Recent assessments: Assessed...

Pre-Authorization Arbitrary File Read in /s/ endpoint - CVE-2021-26085

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. This vulnerability was...

Pre-Authorization Arbitrary File Read in /s/ endpoint - CVE-2021-26085

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. This vulnerability was...

Atlassian JIRA Authentication Bypass Vulnerability (JRASERVER-69239)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 7.12.3. It is, therefore, affected by an authentication bypass vulnerability in its inline-create REST component. An authenticated, remote attacker can exploit this, by sendin...

PT-2019-10264 · Atlassian · Jira

Name of the Vulnerable Software and Affected Versions: Jira versions prior to 7.12.3 Description: The issue is related to a missing authorization check in the inline-create rest resource, allowing authenticated remote attackers to set the reporter in issues. Recommendations: For versions prior to...

UBUNTU-CVE-2018-1000120

A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse...