Overview I identified a vulnerability that allowed executing code on victims’ machines after they click the Edit button on a Confluence page when Atlassian Companion is installed on macOS. The Atlassian Companion app enables users to edit Confluence files in their preferred desktop application, then save the file back to Confluence automatically. Source: https://confluence.atlassian.com/doc/administering-the-atlassian-companion-app-958456281.html Exploitation conditions Victim must have Atl...
