Posted on October 31, 2023 in Services & System Applications
An authorization vulnerability exploitable by unauthenticated users has been discovered in Atlassian Confluence, and has been assigned a bug alert severity of 'very high'. Exploitation of the vulnerability can cause substanial data loss. Atlassian recommends removing installations from the Internet immediately if they cannot be patched.
Posted on October 04, 2023 in Services & System Applications
A privilege escalation flaw has been found, and is being actively exploited, in Atlassian Confluence, and has been assigned a bug alert severity of 'very high'. Atlassian recommends removing installations from the Internet immediately if they cannot be patched.
Posted on July 20, 2022 in Services & System Applications
Multiple Vulnerabilities have been disclosed in Atlassian Products. A hardcoded credential vulnerability in Questions for Confluence, and Servlet Filter Bypass Vulnerabilities have been found in multiple Atlassian products that may enable Authentication Bypasses, XSS Attacks, and CORS attacks. These vulnerabilities have been assigned a bug alert severity of 'very high'. Atlassian recommends patching affected installations immediately.
Posted on June 02, 2022 in Services & System Applications
An unauthenticated remote code execution flaw has been found, and is being actively exploited, in Atlassian Confluence, and has been assigned a bug alert severity of 'very high'. Atlassian recommends removing installations from the Internet immediately.
Posted on April 20, 2022 in Services & System Applications
An authentication bypass vulnerability has been found in Atlassian Jira. This issue can be exploited in the default configuration, and has been assigned a bug alert severity of 'very high'.