Description
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.
Remediation
References
Related Vulnerabilities
WordPress Plugin FormCraft-Contact Form Builder Cross-Site Request Forgery (1.2.1)
WordPress Plugin WP Super Cache Cross-Site Scripting (1.4.2)
WordPress Plugin WP Custom Admin Login Page Logo Unspecified Vulnerability (1.4.1)
Apache Tomcat Improper Access Control Vulnerability (CVE-2016-5388)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6434)