漏洞描述
Atlassian Confluence是一款企业知识管理与协作软件。该漏洞存在于Atlassian Confluence的/json/setup-restore.action接口中,可能允许攻击者在受影响的Confluence服务器上执行任意代码。成功利用此漏洞可能导致服务器被完全控制、敏感数据泄露或系统崩溃等严重后果。
Atlassian Confluence /json/setup-restore.action 文件上传漏洞(CVE-2023-22518)
PoC代码
暂无相关漏洞推荐
- POCCVE-2022-26134: Atlassian Confluence OGNL注入漏洞
- POCCVE-2023-22515: Atlassian Confluence - Privilege Escalation
- POCCVE-2023-22518: Atlassian Confluence Server - Improper Authorization
- POCCVE-2023-22527: Atlassian Confluence远程代码执行漏洞
- POCCVE-2015-8399: Atlassian Confluence <5.8.17 - Information Disclosure
- POCCVE-2019-3396: Atlassian Confluence Server - Path Traversal
- POCCVE-2019-3398: Atlassian Confluence Download Attachments - Remote Code Execution
- POCCVE-2021-26085: Atlassian Confluence Server - Local File Inclusion
- POCCVE-2023-22515: Atlassian Confluence - Privilege Escalation
- POCCVE-2023-22518: Atlassian Confluence Server - Improper Authorization
- POCCVE-2023-22527: Atlassian Confluence - Remote Code Execution
- POCCVE-2024-21683: Atlassian Confluence Data Center and Server - Remote Code Execution
- POCCVE-2015-8399: Atlassian Confluence <5.8.17 - Information Disclosure