漏洞描述
Atlassian Confluence是一款企业知识管理与协作软件。该漏洞存在于Atlassian Confluence的/json/setup-restore.action接口中,可能允许攻击者在受影响的Confluence服务器上执行任意代码。成功利用此漏洞可能导致服务器被完全控制、敏感数据泄露或系统崩溃等严重后果。
Atlassian Confluence /json/setup-restore.action 文件上传漏洞(CVE-2023-22518)
PoC代码
暂无相关漏洞推荐
- POC CVE-2017-5983: JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)
- SRM智联云采系统 restore 远程代码执行漏洞
- Atlassian Jira Software Data Center And Server 需授权 路径遍历漏洞
- 智联云采 SRM2.0 restore 存在远程命令执行漏洞
- CVE-2019-3396: Atlassian Confluence Path Traversal
- 索贝融媒体 /sobey-mchEditor/mch/WXArticleInt/restore SQL注入漏洞
- POC CVE-2015-8399: Atlassian Confluence <5.8.17 - Information Disclosure
- POC CVE-2017-9506: Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery
- POC CVE-2018-20824: Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting
- POC CVE-2018-5230: Atlassian Jira Confluence - Cross-Site Scripting
- POC CVE-2019-11580: Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution
- POC CVE-2019-11581: Atlassian Jira Server-Side Template Injection
- POC CVE-2019-3396: Atlassian Confluence Server - Path Traversal