Get a demo Acunetix Website Security Scanner Get a demo
  • Product
  • Why Acunetix?
    • Solutions
      • INDUSTRIES
        • IT & Telecom
        • Government
        • Financial Services
        • Education
        • Healthcare
      • ROLES
        • CTO & CISO
        • Engineering Manager
        • Security Engineer
        • DevSecOps
    • Case Studies
    • Customers
    • Testimonials
  • Pricing
  • About Us
    • Our story
    • In the news
    • Careers
    • Contact
  • Resources
    • Blog
    • Webinars
    • White papers
    • Buyer’s guide
    • Partners
    • Support
  • Get a demo
WEB APPLICATION VULNERABILITIES Standard & Premium

Confluence Widget Connector SSTI

Description

Widget Connector addon of Confluence is vulnerable to path traversal and server side template injection, which could be used for remote code execution.

Remediation

Upgrade to the latest version of Confluence

References

CVE-2019-3396

CONFSERVER-57974

Related Vulnerabilities

WordPress Multiple Vulnerabilities (0.70 - 3.6.1)

WordPress Plugin Booking Calendar Local File Inclusion (7.0)

WordPress Plugin UpdraftPlus WordPress Backup Multiple Vulnerabilities (1.16.58)

WordPress Plugin Swim Team Arbitrary File Download (1.44.1077)

Apache Tomcat version older than 5.5.27

Severity

High

Classification

CVE-2019-3396 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Server Side Template Injection

Take action and discover your vulnerabilities

Get a demo
Product Information
  • AcuSensor Technology
  • AcuMonitor Technology
  • Acunetix Integrations
  • Vulnerability Scanner
  • Support Plans
Use Cases
  • Penetration Testing Software
  • Website Security Scanner
  • External Vulnerability Scanner
  • Web Application Security
  • Vulnerability Management Software
Website Security
  • Cross-site Scripting
  • SQL Injection
  • Reflected XSS
  • CSRF Attacks
  • Directory Traversal
Learn More
  • White Papers
  • TLS Security
  • WordPress Security
  • Web Service Security
  • Prevent SQL Injection
Company
  • About Us
  • Customers
  • Become a Partner
  • Careers
  • Contact
Documentation
  • Case Studies
  • Support
  • Videos
  • Vulnerability Index
  • Webinars
  • Login
  • Invicti Subscription Services Agreement
  • Privacy Policy
  • Terms of Use
  • Sitemap
  • Find us on Facebook
  • Follow us on Twiter
  • Follow us on LinkedIn

© Acunetix 2023, by Invicti