Skip to content

ZeroAuth

Security Research & Bug Bounty Hunter

Posted on July 18, 2019 by admin

Proof of Concept exploit for CVE-2019-11580

Hello there,

Sharing my proof of concept for Atlassian Crowd RCE – CVE-2019-11580.  I was going to make a blog post detailing all the inner workings but someone has already made a very detailed analysis here: https://www.corben.io/atlassian-crowd-rce/

You can find all the source code here:

https://gitlab.com/zeroauth/cve-2019-11580_poc_exploit

 

Post navigation

Previous PostPrevious CVE-2019-12934 – wp-code-highlightjs WordPress Plugin CSRF leads to blog-wide injected script/HTML
Next PostNext CVE-2019-14216 – svg-vector-icon-plugin WordPress plugin vulnerable to CSRF and Arbitrary File Upload leading to Remote Code Execution

Recent Posts

  • CVE-2019-15128 – iF.SVNAdmin through 1.6.2 allows svnadmin/usercreate.php CSRF to create a user.
  • CVE-2019-14216 – svg-vector-icon-plugin WordPress plugin vulnerable to CSRF and Arbitrary File Upload leading to Remote Code Execution
  • Proof of Concept exploit for CVE-2019-11580
  • CVE-2019-12934 – wp-code-highlightjs WordPress Plugin CSRF leads to blog-wide injected script/HTML
  • CVE-2019-12346 – miniOrange SAML SP Single Sign On WordPress Plugin XSS

Recent Comments

    Archives

    • August 2019
    • July 2019
    • May 2019

    Categories

    • Uncategorized

    Meta

    • Log in
    • Entries RSS
    • Comments RSS
    • WordPress.org
    Proudly powered by WordPress