all InfoSec news
Exploit Attempts for Unknown Password Reset Vulnerability, (Wed, Feb 28th)
Malware Analysis, News and Indicators - Latest topics malware.news
My Google skills let me down this morning, attempting to figure out which vulnerability is exactly being exploited by these “forgotuserpassword.action” scans. Maybe someone else can help me out here. Based on the scans, I do not believe this is a “normal” password reset vulnerability. Atlassian’s Confluence is one suspect using a URL scheme like this, but there may be others. Here are some of the URLs:
Article Link: https://isc.sans.edu/diary/rss/30698
1 post - 1 participant
action atlassian can confluence down exploit exploited google normal password password reset reset scans skills vulnerability