CVE-2023-22515 PoC — Atlassian Confluence Server 安全漏洞

Source

Associated Vulnerability

Description

Atlassian Confluence Data Center and Server Broken Access Control Vulnerability

Readme

# CVE-2023-22515


 ## How does this detection method work?

 This template looks at the following endpoints:
 ```
      - "{{BaseURL}}/dologin.action"
      - "{{BaseURL}}"
      - "{{BaseURL}}/pages"
      - "{{BaseURL}}/confluence"
      - "{{BaseURL}}/wiki"
 ```

 From these endpoints it will extract the version, if the version matches any of the below versions it is considered vulnerable:

 ```
          - "8.0.0"
          - "8.0.1"
          - "8.0.2"
          - "8.0.3"
          - "8.0.4"
          - "8.1.0"
          - "8.1.1"
          - "8.1.3"
          - "8.1.4"
          - "8.2.0"
          - "8.2.1"
          - "8.2.2"
          - "8.2.3"
          - "8.3.0"
          - "8.3.1"
          - "8.3.2"
          - "8.4.0"
          - "8.4.1"
          - "8.4.2"
          - "8.5.0"
          - "8.5.1"
 ```

 ## How do I run this template?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com -t CVE-2023-22515.yaml` 


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

File Snapshot

 [4.0K]  /data/pocs/6db1709f3810b4ebfa289d812b086b5dea442c2c
├── [1.2K]  CVE-2023-22515.yaml
└── [1.2K]  README.md

0 directories, 2 files

Remarks