Description
Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the avatar upload feature. The affected versions are before version 7.2.0.
Remediation
References
Related Vulnerabilities
WordPress Plugin Post Pay Counter PHP Object Injection (2.730)
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-1042)
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3231)
WordPress Plugin Gallery by BestWebSoft Arbitrary File Disclosure (3.8.3)