all InfoSec news
Confluence Vulnerability (CVE-2023-22515): A Deep Dive into Atlassian Bamboo's Chain Security Landscape
DEV Community dev.to
Overview
Recently, a security team disclosed a vulnerability in Confluence called SafeParameterFilter, which allows an unauthenticated remote attacker to bypass XWork functionality to create new administrative user accounts. We took this opportunity to study another related Atlassian product, Atlassian Bamboo, to determine whether a similar vulnerability exists in this application. In this article, we describe the vulnerability in Confluence and analyze why Atlassian Bamboo is not vulnerable to this vulnerability.
Confluence vulnerability (CVE-2023-22515)
Recently, a Confluence vulnerability analysis was published …
accounts atlassian attacker bamboo bypass called confluence confluence vulnerability cve cve-2023-22515 cybersecurity deep dive dive infosec opportunity product security security landscape security team study team unauthenticated vulnerabilities vulnerability