all InfoSec news
Multiple Vulnerabilities in Atlassian Products Could Allow for Remote Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
Multiple vulnerabilities have been discovered in Atlassian products which could allow for remote code execution. Confluence is a collaboration tool that brings people, knowledge, and ideas together in a shared workspace. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts …
atlassian code code execution collaboration confluence context exploitation ideas knowledge people products remote code remote code execution tool vulnerabilities workspace