CVE-2023-22515
CRITICAL KEV RANSOMWARE NUCLEI
Atlassian Confluence Unauthenticated Remote Code Execution
Title source: metasploit
Exploitation Summary
CVE-2023-22515 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added October 5, 2023, with confirmed use in ransomware campaigns.
EIP tracks 34 public exploits from researchers including Chocapikk, ad-calcium, and ErikWynter, among them the Metasploit module `auxiliary/admin/http/atlassian_confluence_auth_bypass`.
A Nuclei detection template is also available.
AI-analyzed exploit summary
This repository contains a functional Python exploit for CVE-2023-22515, a Broken Access Control vulnerability in Confluence Server and Data Center. The exploit automates the process of triggering the vulnerability, creating an admin account, and verifying authentication.
Description
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
Exploits (34)
This repository contains a functional Python exploit for CVE-2023-22515, a Broken Access Control vulnerability in Confluence Server and Data Center. The exploit automates the process of triggering the vulnerability, creating an admin account, and verifying authentication.
This repository contains a functional Go-based exploit for CVE-2023-22515, which allows unauthenticated attackers to create an administrator account in vulnerable Confluence instances by bypassing setup completion checks. The exploit automates the process of adding a user via the setup endpoints and includes proxy support.
This repository contains a Python-based scanner for CVE-2023-22515, a broken access control vulnerability in Atlassian Confluence. The scanner checks for the presence of the `/server-info.action` endpoint and analyzes HTTP response codes to determine vulnerability status.
This repository contains a functional exploit for CVE-2023-22515, which leverages a misconfiguration in Confluence to create an admin user without authentication. The exploit includes a Python script to trigger the vulnerability and a decompiled Java servlet for a web-based shell plugin.
This repository contains a functional exploit for CVE-2023-22515, which allows an unauthenticated attacker to create an administrator account in Atlassian Confluence by bypassing setup completion checks. The script automates the process of adding a random user with administrative privileges.
This repository contains a functional exploit for CVE-2023-22515, which leverages a Confluence vulnerability to upload a malicious JAR file for remote code execution (RCE). The exploit includes servlets for command execution and a webshell (Godzilla), demonstrating practical exploitation.
This repository provides a technical writeup on achieving RCE in Confluence by uploading a custom plugin after obtaining backend access. It includes step-by-step instructions and screenshots demonstrating the exploitation process.
This repository contains a functional exploit for CVE-2023-22515, a critical Broken Access Control vulnerability in Atlassian Confluence. The exploit leverages parameter manipulation to reset the setup status and create an administrator account without authentication.
This repository contains a functional exploit for CVE-2023-22515, which allows an unauthenticated attacker to create an administrator account in Confluence Data Center & Server by manipulating the setup process. The exploit sends crafted HTTP requests to bypass setup completion checks and create a new admin user.
This repository contains a functional exploit for CVE-2023-22515, a privilege escalation vulnerability in Atlassian Confluence. The exploit leverages broken access control to create unauthorized administrator accounts by manipulating the setup process.
This repository contains a functional exploit for CVE-2023-22515, an authentication bypass vulnerability in Atlassian Confluence Server. The exploit triggers the vulnerability by resetting the setup status and creating an admin account, followed by authentication checks.
The repository contains only a minimal README with a title and CVE reference, lacking any exploit code, technical details, or functional content. It appears to be a placeholder or incomplete submission.
This repository provides a detailed technical analysis of CVE-2023-22515, explaining how an attacker can exploit chained getters/setters in the `ServerInfoAction` class to reset Confluence's setup process and create an administrative account. It includes step-by-step exploitation details and references to the vulnerable code paths.
This repository contains an NSE (Nmap Scripting Engine) script designed to detect the presence of CVE-2023-22515. The script is likely used for scanning rather than active exploitation.
This repository provides a detailed technical analysis of CVE-2023-22515, a broken access control vulnerability in Atlassian Confluence. It includes log analysis, threat intelligence, and a playbook for incident response, but does not contain exploit code.
This repository contains a Nuclei template for detecting vulnerable Atlassian Confluence instances by checking version numbers against a list of affected versions. It does not exploit the vulnerability but scans for its presence.
This repository contains a functional exploit for CVE-2023-22515, targeting Atlassian Confluence. The exploit automates the process of creating an administrator account by bypassing setup checks and leveraging vulnerable versions.
This repository contains a functional exploit script for CVE-2023-22515, a Broken Access Control vulnerability in Atlassian Confluence Server and Data Center. The script automates the exploitation process by manipulating the application configuration state and creating a new admin user.
This repository provides a detailed technical analysis of CVE-2023-22515, a critical broken access control vulnerability in Atlassian Confluence. It includes attack mechanisms, HTTP request examples, and mitigation strategies but does not contain functional exploit code.
This repository provides a detailed technical analysis of CVE-2023-22515, a critical Broken Access Control vulnerability in Atlassian Confluence Data Center & Server. It includes root cause analysis, attack mechanisms, reproduction steps, and mitigation strategies, demonstrating a deep understanding of the vulnerability.
The repository contains only a README with a generic disclaimer and no technical details or exploit code. It lacks any substantive content related to CVE-2023-22515, raising suspicion of being a placeholder or lure.
The repository claims to demonstrate CVE-2023-22515 (Atlassian Confluence Authentication Bypass) but contains no functional exploit code or technical details. All files are empty or placeholders.
This repository provides a detailed technical analysis of CVE-2023-22515, a critical broken access control vulnerability in Atlassian Confluence. It explains how the vulnerability allows remote attackers to create an admin account by manipulating the `setupComplete` flag via a crafted HTTP request to `/server-info.action`.
This repository contains a functional Python exploit for CVE-2023-22515, an authentication bypass vulnerability in Atlassian Confluence. The script automates the creation of an administrative account by exploiting the vulnerability, supporting both single and mass exploitation modes.
This repository contains a Python script that checks if a Confluence instance is vulnerable to CVE-2023-22515 by verifying the version and attempting to trigger setup mode. It does not exploit the vulnerability but detects potential exposure.
This repository provides a functional exploit for CVE-2023-22515, demonstrating how to bypass authentication in Atlassian Confluence by manipulating the `bootstrapStatusProvider.applicationConfig.setupComplete` parameter to create an administrator account.
This repository contains a Python-based scanner for CVE-2023-22515, a broken access control vulnerability in Atlassian Confluence Data Center and Server. The scanner checks for the presence of the `/server-info.action` endpoint and analyzes HTTP response codes to determine vulnerability status.
This repository contains a functional bash script exploit for CVE-2023-22515, a Broken Access Control vulnerability in Atlassian Confluence. The exploit re-enables the initial setup process and creates an unauthorized administrator account by sending crafted HTTP requests to vulnerable endpoints.
This repository contains a functional exploit for CVE-2023-22515, which leverages a bootstrap manipulation vulnerability in Atlassian Confluence to create an admin user and upload a malicious plugin for RCE. The exploit includes a custom plugin with a servlet that executes commands and returns encrypted output.
This repository contains a functional Rust-based exploit for CVE-2023-22515, an authentication bypass vulnerability in Atlassian Confluence. The exploit automates the creation of unauthorized administrator accounts by manipulating the setup process via crafted HTTP requests.
This repository contains a functional Python exploit for CVE-2023-22515, which targets an authentication bypass vulnerability in Atlassian Confluence. The script automates the exploitation process by sending crafted HTTP requests to reset the setup status and create an administrator account.
This repository contains a functional exploit for CVE-2023-22515, which allows an unauthenticated attacker to create an administrator account in Atlassian Confluence by bypassing setup checks. The script automates the exploitation process by sending crafted HTTP requests to vulnerable endpoints.
This Metasploit module exploits CVE-2023-22515, a broken access control vulnerability in Atlassian Confluence, allowing unauthenticated creation of an admin account via crafted HTTP requests.
This Metasploit module exploits CVE-2023-22515, an improper input validation vulnerability in Atlassian Confluence, to achieve unauthenticated remote code execution by creating an admin user and uploading a malicious plugin.
Nuclei Templates (1)
http.component:"atlassian confluence"
app="ATLASSIAN-Confluence" || app="atlassian-confluence"
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H