Atlassian Confluence OGNL injection enabling unauthenticated RCE. Apply patches immediately. If exposed to the internet unpatched during Aug-Sep 2021, assume compromise and conduct forensic review of Confluence logs.
A remote code execution vulnerability was found in Atlassian Confluence Server and Data Center via OGNL injection in the Widget Connector macro.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →