My IAST backend was mostly done, and I recently started learning Electron so I can build a frontend. I wanted a small project to practice with, so I decided to build a GUI for ysoserial and add some custom features. If you want to extend ysoserial, you inevitably have to study the original project — so I wrote this article as notes for future review.

All versions.

Confluence contains an authorization validation flaw. An attacker can send crafted requests to gain server privileges and potentially achieve remote command execution.

Confluence is a collaboration product developed by Atlassian, widely used for knowledge sharing, document collaboration, and centralized information storage.

Companion code: top50vulns_2023 (recommended to read together).