📦 Confluence Server

by Atlassian

⚠️ Known Vulnerabilities

CVE-2023-22527

CRITICAL CVSS 9.8 Jan 16, 2024

This is a critical template injection vulnerability (CWE-74) in older Confluence Data Center and Server versions that allows unauthenticated attackers to execute arbitrary code remotely. Affected orga...

CVE-2023-22518

CRITICAL CVSS 9.8 Oct 31, 2023

CVE-2023-22518 is an improper authorization vulnerability in Confluence Data Center and Server that allows unauthenticated attackers to reset the application and create administrator accounts. This le...

CVE-2023-22515

CRITICAL CVSS 9.8 Oct 4, 2023

CVE-2023-22515 is a critical vulnerability in Atlassian Confluence Data Center and Server that allows unauthenticated attackers to create administrator accounts and gain full control of affected insta...

CVE-2022-26136

CRITICAL CVSS 9.8 Jul 20, 2022

This vulnerability allows remote unauthenticated attackers to bypass Servlet Filters in multiple Atlassian products, potentially leading to authentication bypass and cross-site scripting attacks. Orga...

CVE-2022-26134

CRITICAL CVSS 9.8 Jun 3, 2022

CVE-2022-26134 is a critical OGNL injection vulnerability in Atlassian Confluence Server and Data Center that allows unauthenticated attackers to execute arbitrary code remotely. This affects Confluen...

CVE-2021-26084

CRITICAL CVSS 9.8 Aug 30, 2021

CVE-2021-26084 is a critical OGNL injection vulnerability in Confluence Server and Data Center that allows unauthenticated attackers to execute arbitrary code on vulnerable instances. This affects org...

CVE-2025-22166

HIGH CVSS 7.5 Oct 21, 2025

This high-severity Denial of Service vulnerability in Confluence Data Center allows attackers to make resources unavailable to legitimate users by disrupting services. It affects Confluence Data Cente...

CVE-2024-21690

HIGH CVSS 8.2 Aug 21, 2024

This high-severity vulnerability in Confluence Data Center and Server allows unauthenticated attackers to execute reflected XSS attacks and CSRF attacks. It affects users running vulnerable versions o...

CVE-2024-21686

HIGH CVSS 8.7 Jul 16, 2024

This is a stored cross-site scripting (XSS) vulnerability in Confluence Data Center and Server that allows authenticated attackers to inject malicious HTML/JavaScript into web pages. When victims view...

CVE-2024-21683

HIGH CVSS 8.8 May 21, 2024

This is a high-severity remote code execution vulnerability in Confluence Data Center and Server that allows authenticated attackers to execute arbitrary code on affected systems. It affects Confluenc...

CVE-2024-21677

HIGH CVSS 8.8 Mar 19, 2024

This is a high-severity path traversal vulnerability (CWE-22) in Confluence Data Center and Server that allows unauthenticated attackers to access or manipulate files outside intended directories. It ...

CVE-2023-22512

HIGH CVSS 7.5 Jan 16, 2024

This is a high-severity denial-of-service vulnerability in Confluence Data Center and Server that allows unauthenticated attackers to disrupt service availability. It affects versions starting from 5....

CVE-2024-21673

HIGH CVSS 8.8 Jan 16, 2024

This is a high-severity Remote Code Execution vulnerability in Atlassian Confluence Data Center and Server that allows authenticated attackers to execute arbitrary code on affected systems. It affects...

CVE-2023-22526

HIGH CVSS 8.8 Jan 16, 2024

This is a high-severity remote code execution vulnerability in Confluence Data Center and Server that allows authenticated attackers to execute arbitrary code on affected systems. It affects versions ...

CVE-2023-22522

HIGH CVSS 8.8 Dec 6, 2023

This is a template injection vulnerability in Confluence Data Center and Server that allows authenticated attackers (including anonymous users) to inject malicious input into pages, leading to remote ...

CVE-2023-22508

HIGH CVSS 8.8 Jul 18, 2023

CVE-2023-22508 is a high-severity remote code execution vulnerability in Confluence Data Center & Server that allows authenticated attackers to execute arbitrary code on affected systems. This affects...

CVE-2021-43940

HIGH CVSS 7.8 Feb 15, 2022

This CVE describes a DLL hijacking vulnerability in Atlassian Confluence Server and Data Center installers on Windows. Authenticated local attackers can exploit this to elevate privileges on the local...