The ConfluenceResourceDownloadRewriteRule class in Confluence Server and Confluence Data Center before version 6.13.18, from 6.14.0 before 7.4.6, and from 7.5.0 before 7.8.3 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.
Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!
More Stories
Lazarus Hits Defense Firms with ThreatNeedle Malware
Executive Order Focuses on Supply Chain Risk Management
6,000 VMware vCenter Devices Vulnerable to Remote Attacks