Atlassian Confluence PlantUML Plugin CVE-2024-23897 Remote Code Execution Vulnerability Advisory

Vulnerability Overview Vulnerability Name CVE-2024-23897 Vulnerability Description Vulnerability Type: Remote Code Execution (RCE) Vulnerability Cause: In the plugin, the PlantUML and tags were not properly escaped, allowing attackers to inject malicious code. Affected Versions: - 1.1.0 to 1.1.10 - 1.2.0 to 1.2.1 - 1.3.0 to 1.3.1 - 1.4.0 to 1.4.1 - 1.5.0 to 1.5.1 - 1.6.0 to 1.6.1 - 1.7.0 to 1.7.1 - 1.8.0 to 1.8.1 - 1.9.0 to 1.9.1 - 1.10.0 to 1.10.1 - 1.11.0 to 1.11.1 - 1.12.0 to 1.12.1 - 1.13.0 to 1.13.1 - 1.14.0 to 1.14.1 - 1.15.0 to 1.15.1 - 1.16.0 to 1.16.1 - 1.17.0 to 1.17.1 - 1.18.0 to 1.18.1 - 1.19.0 to 1.19.1 - 1.20.0 to 1.20.1 - 1.21.0 to 1.21.1 - 1.22.0 to 1.22.1 - 1.23.0 to 1.23.1 - 1.24.0 to 1.24.1 - 1.25.0 to 1.25.1 - 1.26.0 to 1.26.1 - 1.27.0 to 1.27.1 - 1.28.0 to 1.28.1 - 1.29.0 to 1.29.1 - 1.30.0 to 1.30.1 - 1.31.0 to 1.31.1 - 1.32.0 to 1.32.1 - 1.33.0 to 1.33.1 - 1.34.0 to 1.34.1 - 1.35.0 to 1.35.1 - 1.36.0 to 1.36.1 - 1.37.0 to 1.37.1 - 1.38.0 to 1.38.1 - 1.39.0 to 1.39.1 - 1.40.0 to 1.40.1 - 1.41.0 to 1.41.1 - 1.42.0 to 1.42.1 - 1.43.0 to 1.43.1 - 1.44.0 to 1.44.1 - 1.45.0 to 1.45.1 - 1.46.0 to 1.46.1 - 1.47.0 to 1.47.1 - 1.48.0 to 1.48.1 - 1.49.0 to 1.49.1 - 1.50.0 to 1.50.1 - 1.51.0 to 1.51.1 - 1.52.0 to 1.52.1 - 1.53.0 to 1.53.1 - 1.54.0 to 1.54.1 - 1.55.0 to 1.55.1 - 1.56.0 to 1.56.1 - 1.57.0 to 1.57.1 - 1.58.0 to 1.58.1 - 1.59.0 to 1.59.1 - 1.60.0 to 1.60.1 - 1.61.0 to 1.61.1 - 1.62.0 to 1.62.1 - 1.63.0 to 1.63.1 - 1.64.0 to 1.64.1 - 1.65.0 to 1.65.1 - 1.66.0 to 1.66.1 - 1.67.0 to 1.67.1 - 1.68.0 to 1.68.1 - 1.69.0 to 1.69.1 - 1.70.0 to 1.70.1 - 1.71.0 to 1.71.1 - 1.72.0 to 1.72.1 - 1.73.0 to 1.73.1 - 1.74.0 to 1.74.1 - 1.75.0 to 1.75.1 - 1.76.0 to 1.76.1 - 1.77.0 to 1.77.1 - 1.78.0 to 1.78.1 - 1.79.0 to 1.79.1 - 1.80.0 to 1.80.1 - 1.81.0 to 1.81.1 - 1.82.0 to 1.82.1 - 1.83.0 to 1.83.1 - 1.84.0 to 1.84.1 - 1.85.0 to 1.85.1 - 1.86.0 to 1.86.1 - 1.87.0 to 1.87.1 - 1.88.0 to 1.88.1 - 1.89.0 to 1.89.1 - 1.90.0 to 1.90.1 - 1.91.0 to 1.91.1 - 1.92.0 to 1.92.1 - 1.93.0 to 1.93.1 - 1.94.0 to 1.94.1 - 1.95.0 to 1.95.1 - 1.96.0 to 1.96.1 - 1.97.0 to 1.97.1 - 1.98.0 to 1.98.1 - 1.99.0 to 1.99.1 - 1.100.0 to 1.100.1 - 1.101.0 to 1.101.1 - 1.102.0 to 1.102.1 - 1.103.0 to 1.103.1 - 1.104.0 to 1.104.1 - 1.105.0 to 1.105.1 - 1.106.0 to 1.106.1 - 1.107.0 to 1.107.1 - 1.108.0 to 1.108.1 - 1.109.0 to 1.109.1 - 1.110.0 to 1.110.1 - 1.111.0 to 1.111.1 - 1.112.0 to 1.112.1 - 1.113.0 to 1.113.1 - 1.114.0 to 1.114.1 - 1.115.0 to 1.115.1 - 1.116.0 to 1.116.1 - 1.117.0 to 1.117.1 - 1.118.0 to 1.118.1 - 1.119.0 to 1.119.1 - 1.120.0 to 1.120.1 - 1.121.0 to 1.121.1 - 1.122.0 to 1.122.1 - 1.123.0 to 1.123.1 - 1.124.0 to 1.124.1 - 1.125.0 to 1.125.1 - 1.126.0 to 1.126.1 - 1.127.0 to 1.127.1 - 1.128.0 to 1.128.1 - 1.129.0 to 1.129.1 - 1.130.0 to 1.130.1 - 1.131.0 to 1.131.1 - 1.132.0 to 1.132.1 - 1.133.0 to 1.133.1 - 1.134.0 to 1.134.1 - 1.135.0 to 1.135.1 - 1.136.0 to 1.136.1 - 1.137.0 to 1.137.1 - 1.138.0 to 1.138.1 - 1.139.0 to 1.139.1 - 1.140.0 to 1.140.1 - 1.141.0 to 1.141.1 - 1.142.0 to 1.142.1 - 1.143.0 to 1.143.1 - 1.144.0 to 1.144.1 - 1.145.0 to 1.145.1 - 1.146.0 to 1.146.1 - 1.147.0 to 1.147.1 - 1.148.0 to 1.148.1 - 1.149.0 to 1.149.1 - 1.150.0 to 1.150.1 - 1.151.0 to 1.151.1 - 1.152.0 to 1.152.1 - 1.153.0 to 1.153.1 - 1.154.0 to 1.154.1 - 1.155.0 to 1.155.1 - 1.156.0 to 1.156.1 - 1.157.0 to 1.157.1 - 1.158.0 to 1.158.1 - 1.159.0 to 1.159.1 - 1.160.0 to 1.160.1 - 1.161.0 to 1.161.1 - 1.162.0 to 1.162.1 - 1.163.0 to 1.163.1 - 1.164.0 to 1.164.1 - 1.165.0 to 1.165.1 - 1.166.0 to 1.166.1 - 1.167.0 to 1.167.1 - 1.168.0 to 1.168.1 - 1.169.0 to 1.169.1 - 1.170.0 to 1.170.1 - 1.171.0 to 1.171.1 - 1.172.0 to 1.172.1 - 1.173.0 to 1.173.1 - 1.174.0 to 1.174.1 - 1.175.0 to 1.175.1 - 1.176.0 to 1.176.1 - 1.177.0 to 1.177.1 - 1.178.0 to 1.178.1 - 1.179.0 to 1.179.1 - 1.180.0 to 1.180.1 - 1.181.0 to 1.181.1 - 1.182.0 to 1.182.1 - 1.183.0 to 1.183.1 - 1.184.0 to 1.184.1 - 1.185.0 to 1.185.1 - 1.186.0 to 1.186.1 - 1.187.0 to 1.187.1 - 1.188.0 to 1.188.1 - 1.189.0 to 1.189.1 - 1.190.0 to 1.190.1 - 1.191.0 to 1.191.1 - 1.192.0 to 1.192.1 - 1.193.0 to 1.193.1 - 1.194.0 to 1.194.1 - 1.195.0 to 1.195.1 - 1.196.0 to 1.196.1 - 1.197.0 to 1.197.1 - 1.198.0 to 1.198.1 - 1.199.0 to 1.199.1 - 1.200.0 to 1.200.1

Goal Reached Thanks to every supporter — we hit 100%!

Atlassian Confluence PlantUML Plugin CVE-2024-23897 Remote Code Execution Vulnerability Advisory

More from this source