Confluence SSRF and Remote Code Execution Vulnerability Handling Guide
abril 22, 2019
1 Vulnerability Overview
Recently, Atlassian officially released a security bulletin, announcing a server-side request forgery (SSRF) vulnerability and a remote code execution vulnerability (CVE-2019-3396). The two vulnerabilities respectively reside in WebDAV and Widget Connector and could be exploited by an attacker for remote code execution and server-side request forgery. (mais…)