Confluence Apache Tomcat CVE-2022-34305

This is reproducible on Data Center: yes The current version of Tomcat 9.0.63 is bundled with Confluence 7.18.2 and Confluence 7.13.8 are vulnerable to CVE-2022-34305 https://vulners.com/cve/CVE-2022-34305 h3. Steps to Reproduce - h3. Expected Results - h3. Actual Results - h3. Workaround Manuall...

Atlassian Jira 7.7.x < 7.13.8 Template Injection Vulnerability

According to its self-reported version number, the Atlassian Jira application running on the remote host is 7.0.10 7.6.16, 7.7.x 7.13.8, 8.1.x 8.1.3, 8.2.x 8.2.5, 8.3.x 8.3.4, 8.4.x 8.4.1. It is, therefore, affected by a server-side template injection vulnerability that exists in the Jira Importe...