The host is installed with Atlassian Confluence Server before 6.13.23, 6.14.0 before 7.4.11, 7.5.0 before 7.11.6, 7.12.0 before 7.12.5 and is prone to Code Injection vulnerability. A flaw is present in the application which fails to properly handle an OGNL payload. Successful exploitation allows users with a valid account on a Confluence Data Center instance to execute arbitrary Java code or run arbitrary system commands.