Confluence SSRF

Confluence SSRF and Remote Code Execution Vulnerability Handling Guide

abril 22, 2019

1 Vulnerability Overview

Recently, Atlassian officially released a security bulletin, announcing a server-side request forgery (SSRF) vulnerability and a remote code execution vulnerability (CVE-2019-3396). The two vulnerabilities respectively reside in WebDAV and Widget Connector and could be exploited by an attacker for remote code execution and server-side request forgery. (mais…)


Inscreva-se no Blog da NSFOCUS