Количество 2
Количество 2
CVE-2023-22504
Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature.
GHSA-hfhf-22gm-76w3
Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature. The affected versions are before version 7.19.9. This vulnerability was discovered by Rojan Rijal of the Tinder Security Engineering Team.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-22504 Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| GHSA-hfhf-22gm-76w3 Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature. The affected versions are before version 7.19.9. This vulnerability was discovered by Rojan Rijal of the Tinder Security Engineering Team. | CVSS3: 4.3 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу