## https://sploitus.com/exploit?id=SAINT:FDEEDB34497DA799578C5BB42A83ABC5
Added: 11/02/2023
### Background
Atlassian Confluence is a collaboration and knowledge management application.
### Problem
Broken access control in Atlassian Confluence Data Center and Server could allow a remote attacker to create an administrator account, leading to remote command execution.
### Resolution
Upgrade to Confluence 8.3.3, 8.4.3, or 8.5.2 or higher.
### References
https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html
### Limitations
Upon successful exploitation, an administrator account is created which must be manually removed.