![]() ![]() A security researcher named Jacob Benny discovered and disclosed the flaw to Atlassian, which has released updated versions for all of the affected products.īut new data collected by Censys shows tha only a small fraction of the vulnerable instances have been updated since Atlassian published its advisory on Aug. The vulnerability (CVE-2021-26084) affects all versions of Confluence Server and Data Center prior to 6.13.23, 7.11.6, 7.12.5, 7.13.0, or 7.4.11, and it’s an issue in the way the Object-Graph Navigation Language interprets some HTML fields. However, it doesn’t appear that many organizations have taken the warning seriously. ![]() Last week, Atlassian released details about a critical vulnerability in its popular Confluence enterprise wiki service, urging customers to upgrade as soon as possible because the bug could be used for arbitrary code execution. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |