Confluence
Mainly server (self-hosted)
Notable CVEs
CVE-2023-22515
Allows an unauthenticated user to create an administrative user account.
PoC: https://github.com/Chocapikk/CVE-2023-22515
Nuclei: https://templates.nuclei.sh/public/CVE-2023-22515
Misconfigurations
Check for OpenID handling
By Design
XSS/HTML injection in macros/plugins (such as render HTML)