Atlassian Confluence Path Traversal Vulnerability CVE-2019-3396 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

Atlassian Confluence Path Traversal Vulnerability CVE-2019-3396 Scanner Detail

Atlassian Confluence allows path traversal vulnerability.

The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.

Some Advice for Common Problems

  • You need to apply related fixes.
  • Sanitize all parameters received as input from the user.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service