CVE-2023-22515 - Confluence - Broken Access Control
Late last year this vulnerability lead to the compromise of several on-premise installs of Atlassian Confluence. CVE-2023-22515 is scarily simple to exploit and is the result of certain requests sent to the server being trusted if they contained a certain header. With this it was then possible to re-run part…