module
Atlassian Confluence SSTI Injection
| Disclosed |
|---|
| Jan 16, 2024 |
Disclosed
Jan 16, 2024
Description
This module exploits an SSTI injection in Atlassian Confluence servers. A specially crafted HTTP request uses
the injection to evaluate an OGNL expression resulting in OS command execution.
Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable.
the injection to evaluate an OGNL expression resulting in OS command execution.
Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.