Now testing for the following vulnerabilities

Back to all posts

new tests

February 23, 2024

Now testing for the following vulnerabilities

Alfred Berg
Security Researcher

New tests released based on submissions by our Detectify Crowdsource hackers:

CVE-2024-22024: Ivanti Connect Secure and Policy Secure XXE
CVE-2024-21893: Ivanti Connect Secure, Policy Secure SSRF and Neurons for ZTA
CVE-2024-21887: Ivanti Connect Secure and Policy Secure Command Injection
CVE-2023-51630: PRTG Network Monitor XSS
CVE-2023-46805: Ivanti Connect Secure and Policy Secure Authentication Bypass
CVE-2023-41763: Skype for Business SSRF
Configuration File ("config.properties") Exposure
Lucee Server Remote Code Execution
ScreenConnect Authentication Bypass
Spring Boot Actuator / Startup

New tests released by Detectify staff:

Shell-Script Exposure (v3)
JavaScript Client Side Prototype Pollution (v2)

Improved tests to reduce false negatives:

Apache Solr Exposure
Babel Configuration Exposure

Test now running in both Application scanning and Surface Monitoring, previously only in Application scanning:

CVE-2019-3396: Confluence Widget Connector RCE
CVE-2019-3396: Confluence Widget Connector Path Traversal
CVE-2015-8398: Atlassian Confluence Reflected XSS
CVE-2010-2032: Caucho Resin XSS
Atlassian Confluence App 'Confluence SSO/Single Sign On' SSRF
Atlassian Confluence App "Linchpin Enterprise News" SSRF
Atlassian Confluence Code Pro for Confluence Macro SSRF
Atlassian Confluence Release Info for Confluence Macro SSRF
Atlassian Confluence rss Macro SSRF
Atlassian Confluence xslt Macro SSRF
Atlassian Confluence Markdown Macro Path Traversal
Atlassian Confluence marked Macro Path Traversal
Atlassian Confluence html Macro SSRF
Atlassian Confluence html-include Macro SSRF
Atlassian Confluence Macro 'JUnit-report' SSRF
Atlassian Confluence Macro 'Markdown-url' SSRF
Atlassian Confluence Macro 'digraph' SSRF
Atlassian Confluence Macro 'excel' SSRF
Atlassian Confluence Macro 'flowchart' SSRF
Atlassian Confluence Macro 'graph' SSRF
Atlassian Confluence Macro 'graphviz' SSRF
Atlassian Confluence Macro 'ipython' SSRF
Atlassian Confluence Macro 'markdown-from-a-url' SSRF
Atlassian Confluence Macro "Table Filter and Charts for Confluence" SSRF
Atlassian Confluence markdown-from-url Macro Path Traversal
Atmosphere Reflected XSS
Apache Struts in Debug Mode
Atlassian Jira App "qTest for Jira Test Management" SSRF
Atlassian Jira App (customer-satisfaction-survey-for-jira) RCE
Atlassian Jira App (jeditor_pdf_converter) XXE
Atom Package Remote Synchronization Configuration Exposure
Atlassian Jira App "Table Grid Editor" JDBC SSRF
Atlassian Confluence Gadgets Servlet SSRF / Misconfigured Whitelist
Confluence Macro 'bv-ical-upcoming-events' SSRF
FastCGI Test Page Exposure

View your vulnerabilities

Thanks for your feedback

What's new at Detectify

The latest product updates, improvements, and new tests.

Now testing for the following vulnerabilities

Alfred Berg
Security Researcher

What's new at Detectify

The latest product updates, improvements, and new tests.

Now testing for the following vulnerabilities

Alfred BergSecurity Researcher

Alfred Berg
Security Researcher