Unrated severityNVD Advisory· Published May 1, 2023· Updated Oct 1, 2024
CVE-2023-22503
CVE-2023-22503
Description
Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. This occurs via an Information Disclosure vulnerability in the macro preview feature.
This vulnerability was reported by Rojan Rijal of the Tinder Security Engineering team.
The affected versions are before version 7.13.15, from version 7.14.0 before 7.19.7, and from version 7.20.0 before 8.2.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<7.13.15, >=7.14.0 <7.19.7, >=7.20.0 <8.2.0+ 1 more
- (no CPE)range: <7.13.15, >=7.14.0 <7.19.7, >=7.20.0 <8.2.0
- (no CPE)range: >= 7.20.2
<7.13.15, >=7.14.0 <7.19.7, >=7.20.0 <8.2.0+ 1 more
- (no CPE)range: <7.13.15, >=7.14.0 <7.19.7, >=7.20.0 <8.2.0
- (no CPE)range: >= 7.20.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.