admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 01:40:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

add : CVE-2022-26134

Browse Source
This commit is contained in:
gaopeng2 2022-06-04 16:47:56 +08:00
parent 36bdb944b6
commit 92e794f91b
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
Atlassian/Confluence/CVE-2022-26134/Atlassian_Confluence_Webwork_OGNL_Inject_CVE_2022_26134.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 MiB

10
Atlassian/Confluence/CVE-2022-26134/README.md Normal file
View File

@ -0,0 +1,10 @@
# Atlassian Confluence Webwork OGNL Inject (CVE-2022-26134)
Atlassian confluence server is a server version of atlassian company that has enterprise knowledge management functions and supports collaborative software for building enterprise wikis.&nbsp;Atlassian confluence has an ognl injection vulnerability that allows authenticated users (in some cases unauthenticated users) to execute arbitrary code on the confluence server.<br>
FOFA **query rule**: [(header="X-Confluence-" && header!="TP-LINK Router UPnP") || (banner="X-Confluence-" && banner!="TP-LINK Router UPnP") ](https://fofa.info/result?qbase64=KGhlYWRlcj0iWC1Db25mbHVlbmNlLSIgJiYgaGVhZGVyIT0iVFAtTElOSyBSb3V0ZXIgVVBuUCIpIHx8IChiYW5uZXI9IlgtQ29uZmx1ZW5jZS0iICYmIGJhbm5lciE9IlRQLUxJTksgUm91dGVyIFVQblAiKSA%3D)
# Demo
![Atlassian_Confluence_Webwork_OGNL_Inject_CVE_2022_26134](Atlassian_Confluence_Webwork_OGNL_Inject_CVE_2022_26134.gif)