Lucene search

K
AtlassianConfluence Data Center

4 matches found

CVE
CVE
added 2021/08/30 7:15 a.m.1856 views

CVE-2021-26084

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.1...

9.8CVSS8.7AI score0.94437EPSS
CVE
CVE
added 2022/06/03 10:15 p.m.1600 views

CVE-2022-26134

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, fro...

9.8CVSS9.9AI score0.94426EPSS
CVE
CVE
added 2022/07/20 6:15 p.m.197 views

CVE-2022-26136

A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in authentication bypass and c...

9.8CVSS9.1AI score0.00224EPSS
CVE
CVE
added 2023/12/06 5:15 a.m.118 views

CVE-2023-22522

This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE) on an affected instance. Publicly accessible Confluence Da...

9CVSS9.3AI score0.42294EPSS