This improper authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to the Confluence instance administrator. This Metasploit module uses the administrator account to install a malicious .jsp servlet plugin which the user can trigger to gain code execution on the target in the context of the of the user running the confluence server.
26d73b4952befcec0a56b50c408cd4fd4e5babeec09700eba379dfb85cf91c39I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
30ef8afcad0fffafd94d30ac307f86b5a6b318e2c1f44a023005841a1fcd077cDebian Linux Security Advisory 5580-1 - The Zoom Offensive Security Team discovered that processing a SVG image may lead to a denial-of-service.
c6891c045504fe548f17f5660e0f9ab7018990e4e84cbb0260fb3fbed6e142c6Red Hat Security Advisory 2023-7878-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include an integer overflow vulnerability.
261479628cc44c85e64eeee988efabd05f29dfc6ea0bb0b4c0fe4dcdd3f41fbd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed