This module uses an improper authorization vulnerability in Atlassian Confluence to replace the database contents and create a new admin user in the target system. The created admin account is then used to upload a Servlet plugin JAR file to deploy an agent. The deployed agent will run with the same privileges than the Confluence instance.
CVE Link
Product Name