WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415)

Description

Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource.

Remediation

References

Related Vulnerabilities

Moodle Improper Authentication Vulnerability (CVE-2014-3552)

WordPress Plugin Contact Form Email Information Disclosure (1.2.66)

MySQL CVE-2019-2960 Vulnerability (CVE-2019-2960)

Oracle JRE CVE-2013-5812 Vulnerability (CVE-2013-5812)

WordPress Plugin Widgets for WooCommerce Products on Elementor Security Bypass (1.0.5)

Severity

High

Classification

CVE-2017-7415 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities