Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Atlassian Confluence Vulnerability - CVE-2020-29448 - Vulnerability Database
Atlassian Confluence

Atlassian Confluence Vulnerability - CVE-2020-29448

Medium
Reference: CVE-2020-29448
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-29448
Title: Atlassian Confluence Vulnerability
Overview:

The ConfluenceResourceDownloadRewriteRule class in Confluence Server and Confluence Data Center before version 6.13.18 from 6.14.0 before 7.4.6 and from 7.5.0 before 7.8.3 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.