> Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote code execution vulnerability in Confluence Data Center and Server. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance.
7 comments
[ 5.4 ms ] story [ 28.2 ms ] threadMore info about the CVE from Atlassian here.
https://confluence.atlassian.com/doc/confluence-security-adv...
https://news.ycombinator.com/item?id=31605665
https://news.ycombinator.com/item?id=31602288
https://www.volexity.com/blog/2022/06/02/zero-day-exploitati...
(this article seems like blogspam to me)
Prepare to wipe servers and start fresh!