Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2022-26134 #32

Closed
mhmdiaa opened this issue Jun 23, 2022 · 1 comment
Closed

CVE-2022-26134 #32

mhmdiaa opened this issue Jun 23, 2022 · 1 comment
Assignees
@trickest-workflows
Labels
On-Demand Trigger a Trickest Workflow for specific CVE

Comments

@mhmdiaa
Copy link
Contributor

mhmdiaa commented Jun 23, 2022

No description provided.

@mhmdiaa mhmdiaa added the On-Demand Trigger a Trickest Workflow for specific CVE label Jun 23, 2022
@trickest-workflows
Copy link
Collaborator

CVE-2022-26134




Description

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

POC

Reference

Github

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@trickest-workflows trickest-workflows

Labels
On-Demand Trigger a Trickest Workflow for specific CVE
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mhmdiaa @nenadzaric @trickest-workflows