Subscribe via feed.

Confluence OGNL Injection Proof Of Concept

Posted by deepcore on June 8, 2022 – 10:32 am

Proof of concept script that exploits the remote code execution vulnerability affecting Atlassian Confluence versions 7.18 and below. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance. All supported versions of Confluence Server and Data Center are affected. Confluence Server and Data Center versions after 1.3.0 and below 7.18.1 are affected. The vulnerability has a CVSS score of 10 out of 10 for criticality.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.