Atlassian Confluence < 6.13.1 Information Disclosure Vulnerability
Medium Nessus Plugin ID 124330
SynopsisA web application running on the remote host is affected by an information disclosure vulnerability
DescriptionAccording to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 6.13.1.
It is therefore, affected by an information disclosure vulnerability which exists in the 'Word Export' component. An authenticated, remote attacker can exploit this which may lead to recovery of already deleted content pages.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Atlassian Confluence version 6.13.1, 6.14.0 or later.