Task 1 Introduction
Answer the questions below
What is the full CVE entry for this exploit?
- CVE-2022-26134
You discover a server running Confluence version 7.16.2. Is this vulnerable?
Answer format: yay/nay
- yay
Task 3 Explaining the Vulnerability
What does the acronym OGNL stand for?
- Object-Graph Navigation Language
Task 5 Exploitation
Craft a payload to identify what user the application is running as. What is the user?
- confluence
Finally, craft a payload to retrieve the flag stored at /flag.txt on MACHINE_IP. What is the flag?
- THM{***********}