Vulnmachines/Confluence_CVE-2021-26084

Remote Code Execution on Confluence Servers : CVE-2021-26084

Confluence_CVE-2021-26084

Remote Code Execution on Confluence Servers : CVE-2021-26084

PoC

Confluence Possible exploit endpoints

https://<REDACTED>/login
https://<REDACTED>/pages/templates2/viewpagetemplate.action
https://<REDACTED>/template/custom/content-editor
https://<REDACTED>/templates/editor-preload-container
https://<REDACTED>/pages/createpage-entervariables.action 

Credit & Full writeup

Video : Video

Note : I have tested on version 7.12.4.

Thank you alt3kx

Author

Vulnmachines