@campuscodi Judging by the ongoing ensh*ttification of both their Jira and Confluence flagship products, the question remains: Could a wiped-out Jira/Confluence instance end up being better for everyone involved? </sarcasm>
@campuscodi
Damn
> an Improper Authorization Vulnerability within Confluence Data Center and Confluence Server that allows unauthenticated users to perform a “restore from backup” by submitting their own arbitrary .zip file. Adversaries can exploit the vulnerability to destroy Confluence instances, leading to data loss. Alternatively, adversaries may also submit a .zip file containing a webshell to achieve Remote Code Execution (RCE) on vulnerable, on-premise Confluence servers.