Confluence OGNL Injection Proof Of Concept

Proof of concept script that exploits the remote code execution vulnerability affecting Atlassian Confluence versions 7.18 and below. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance. All supported versions of Confluence Server and Data Center are affected. Confluence Server and Data Center versions after 1.3.0 and below 7.18.1 are affected. The vulnerability has a CVSS score of 10 out of 10 for criticality.

SHA-256 | af35a5a0af240395f62e977601885f29387ee4fc958081d1910e6f6f0d3d428a

Related Posts