Atlassian Confluence Server and Confluence Data Center are prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.
Remote attackers may send a specially crafted request containing directory-traversal sequences ('../') to retrieve sensitive information, which may aid in further attacks.
The following versions of Atlassian Confluence Server and Data Center are affected:
6.6.0 prior to 6.6.13
6.7.0 prior to 6.12.4
6.13.0 prior to 6.13.4
6.14.0 prior to 6.14.3
6.15.0 prior to 6.15.2
Information
Vulnerable (within the affected ranges listed above):
Atlassian Confluence Data Center 6.14
Atlassian Confluence Data Center 6.13.3
Atlassian Confluence Data Center 6.13
Atlassian Confluence Data Center 6.12.3
Atlassian Confluence Data Center 6.12
Atlassian Confluence Data Center 6.11
Atlassian Confluence Data Center 6.10
Atlassian Confluence Data Center 6.9
Atlassian Confluence Data Center 6.8
Atlassian Confluence Data Center 6.7
Atlassian Confluence Data Center 6.6.12
Atlassian Confluence Data Center 6.6
Atlassian Confluence 6.14.2
Atlassian Confluence 6.14
Atlassian Confluence 6.13.3
Atlassian Confluence 6.13.1
Atlassian Confluence 6.13
Atlassian Confluence 6.12.3
Atlassian Confluence 6.12
Atlassian Confluence 6.11
Atlassian Confluence 6.10
Atlassian Confluence 6.6.12
Atlassian Confluence 6.6.1
Atlassian Confluence 6.9.0
Atlassian Confluence 6.8.0
Atlassian Confluence 6.7.2
Atlassian Confluence 6.7.1
Atlassian Confluence 6.7.0
Not vulnerable (the fixed releases that close each affected range above):
Atlassian Confluence Data Center 6.14.3
Atlassian Confluence Data Center 6.13.4
Atlassian Confluence Data Center 6.12.4
Atlassian Confluence Data Center 6.6.13
Atlassian Confluence 6.15.2
Atlassian Confluence 6.14.3
Atlassian Confluence 6.13.4
Atlassian Confluence 6.12.4
Atlassian Confluence 6.6.13
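As an added triage helper (not part of this advisory and not Atlassian's code), the Python below encodes the affected version ranges stated above so an inventory of Confluence instances can be checked against them, and flags web-server access-log requests whose percent-decoded path contains a '..' segment, the traversal sequence the advisory describes. The log lines are constructed samples; the Combined Log Format and the request paths are assumptions, and the detector flags any '..' segment rather than a specific endpoint.

```python
import re
from urllib.parse import unquote

# Affected ranges from the advisory as [first affected, first fixed) tuples; fixed release excluded.
AFFECTED_RANGES = [
    ((6, 6, 0), (6, 6, 13)),
    ((6, 7, 0), (6, 12, 4)),
    ((6, 13, 0), (6, 13, 4)),
    ((6, 14, 0), (6, 14, 3)),
    ((6, 15, 0), (6, 15, 2)),
]

def parse_version(text):
    """Turn '6.13.3' into (6, 13, 3); missing trailing components count as 0."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple((parts + [0, 0, 0])[:3])

def is_affected(version_text):
    """True when the version lies inside one of the advisory's affected ranges."""
    v = parse_version(version_text)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)

def decode_path(raw):
    """Percent-decode three times (catches double encoding such as %252e) and fold backslashes to '/'."""
    path = raw
    for _ in range(3):
        path = unquote(path)
    return path.replace("\\", "/")

def traversal_attempt(request_path):
    """True if any segment of the decoded path is '..', i.e. the request tries to climb directories."""
    return ".." in decode_path(request_path).split("/")

# Constructed sample access-log lines (Combined Log Format assumed); not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Apr/2019:12:00:01 +0000] "GET /pages/viewpage.action?pageId=1 HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Apr/2019:12:00:02 +0000] "GET /assets/../../config.txt HTTP/1.1" 200 2048',
    '203.0.113.7 - - [10/Apr/2019:12:00:03 +0000] "GET /assets/%2e%2e/%2e%2e/config.txt HTTP/1.1" 200 2048',
    '203.0.113.7 - - [10/Apr/2019:12:00:04 +0000] "GET /assets/%252e%252e/%252e%252e/config.txt HTTP/1.1" 404 0',
]

def flag_log_lines(lines):
    """Return (line, decoded path) for every log line whose request path carries a traversal sequence."""
    hits = []
    for line in lines:
        m = re.search(r'"(?:GET|POST|HEAD) (\S+) HTTP/', line)
        if m and traversal_attempt(m.group(1)):
            hits.append((line, decode_path(m.group(1))))
    return hits
```

Run `is_affected("6.13.3")` on each instance's reported version to prioritise patching, and feed real access-log lines to `flag_log_lines` to review which requests carried traversal sequences, including encoded ones.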
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.