Atlassian Confluence Data Center And Server Authentication Bypass

Posted on 27 February 2024

This Metasploit module exploits a broken access control vulnerability in Atlassian Confluence servers leading to an authentication bypass. A specially crafted request can be create new admin account without authentication on the target Atlassian server.