This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.
This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.��
Atl ...
The host is installed with Atlassian Confluence Server before 7.19.22 or 7.20.0 before 8.5.9 and is prone to a remote code execution vulnerability. A flaw is present in the application which fails to properly handle an issue in unspecified vectors. Successful exploitation allows an authenticated attacker to execute arbitrary code.
The host is installed with Atlassian Confluence Server before 7.19.22 or 7.20.0 before 8.5.9 and is prone to a remote code execution vulnerability. A flaw is present in the application which fails to properly handle an issue in unspecified vectors. Successful exploitation allows an authenticated attacker to execute arbitrary code.
The host is installed with Google Chrome before 125.0.6422.112, or Microsoft Edge before 125.0.2535.67 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.
The host is missing a high severity security update according to Google advisory. The update is required to fix a type confusion vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to cause unspecified impact.
The host is installed with Google Chrome before 125.0.6422.112, or Microsoft Edge before 125.0.2535.67 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.
The host is missing a high severity security update according to Google advisory. The update is required to fix a type confusion vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to cause unspecified impact.