CVE-2019-3398

Atlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write files. Exploitation can lead to remote code execution. Vendor/Product: Atlassian Confluence Server and Data Center. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.