Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 01/05/2023 Updated: 09/05/2023

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 0

Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote malicious users to view the names of attachments and labels in a private Confluence space. This occurs via an Information Disclosure vulnerability in the macro preview feature. This vulnerability was reported by Rojan Rijal of the Tinder Security Engineering team. The affected versions are before version 7.13.15, from version 7.14.0 prior to 7.19.7, and from version 7.20.0 prior to 8.2.0.

Vulnerable Product	Search on Vulmon	Subscribe to Product
atlassian confluence data center
atlassian confluence server

NVD-CWE-noinfo https://jira.atlassian.com/browse/CONFSERVER-82403 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-22503

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect