Security Advisory

CVE-2023-22504

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-25 14:00:02

Last updated 2024-10-01 15:23:29

Assigner atlassian

State PUBLISHED

Description

Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature.

← Browse all CVEs View on cve.org ↗