Showing 1 - 3 of 3

CVE-2023-22527

Status Candidate

Overview

A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.

Related Files

Confluence Template Injection Remote Code Execution: Posted Jul 15, 2024; Authored by Jacob Baines | Site github.com; Atlassian Confluence suffers from a template injection vulnerability that leads to remote code execution. This repository has three go-exploit implementations of CVE-2023-22527 that execute their payload without touching disk.; tags | exploit, remote, code execution; advisories | CVE-2023-22527; SHA-256 | efe9acf218872fcb2aaad8260c6fdae6e0f538f783ac6624c299f3a0e4254f94; Download | Favorite | View

Atlassian Confluence 8.5.3 Remote Code Execution: Posted Mar 19, 2024; Authored by MaanVader; Atlassian Confluence versions 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, and 8.5.0 through 8.5.3 suffer from a remote code execution vulnerability.; tags | exploit, remote, code execution; advisories | CVE-2023-22527; SHA-256 | 0aa128553cbd5a516cc713b76e3dc3f366da8678b4aba8459dee773880a5c164; Download | Favorite | View

Atlassian Confluence SSTI Injection: Posted Jan 26, 2024; Authored by Spencer McIntyre, Harsh Jaiswal, Rahul Maini | Site metasploit.com; This Metasploit module exploits an SSTI injection in Atlassian Confluence servers. A specially crafted HTTP request uses the injection to evaluate an OGNL expression resulting in OS command execution. Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable.; tags | exploit, web; advisories | CVE-2023-22527; SHA-256 | 39194aa16a97418685a42e7cf82542a18f6236bb69aa758c9c1945fa2ea34f1e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 70 files
indoushka 69 files
Debian 22 files
LiquidWorm 19 files
Google Security Research 8 files
Gentoo 7 files
malvuln 6 files
Seth Jenkins 4 files
Emiliano Febbi 4 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,147)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,676)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,132)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,946)
UNIX (9,472)
UnixWare (188)
Windows (6,784)
Other

CVE-2023-22527

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems