CVE-2023-22522
Key Information
- Vendor: Atlassian
- Product(s): Confluence Data Center, Confluence Server
- CVE Published: 6 December 2023
Summary
This template injection vulnerability allows an authenticated attacker, including one with anonymous access where the instance permits it, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE) on an affected instance. Publicly accessible Confluence Data Center and Server versions listed below are at risk and require immediate attention; see the advisory for additional details. Atlassian Cloud sites are not affected by this vulnerability: if your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
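The two scoping rules in the summary (Cloud sites under atlassian.net are out of scope; on-prem Data Center and Server from 4.0.0 onward are in scope until upgraded to a fixed release) are easy to get wrong in bulk inventories, so here is a small triage helper written for this page. It is an added example, not code from Atlassian or from this page's source. It assumes you already know each instance's base URL and reported version string, and it takes the fixed-version list as input; the PLACEHOLDER_FIXED_VERSIONS constant is a constructed placeholder so the file runs stand-alone and must be replaced with the fixed releases named in the Atlassian advisory.

```python
# Added triage helper for CVE-2023-22522 scoping (not from the Atlassian
# advisory or this page's source). The atlassian.net exemption and the
# ">= 4.0.0" lower bound come from the summary above; the fixed-version
# list must be supplied from the Atlassian advisory.
import re
from urllib.parse import urlparse

Version = tuple[int, int, int]


def parse_version(text: str) -> Version:
    """Turn a Confluence version string such as '8.5.3' or '7.19' into a
    comparable (major, minor, patch) tuple; trailing qualifiers are ignored."""
    m = re.match(r"\s*v?(\d+)(?:\.(\d+))?(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(int(p or 0) for p in m.groups())  # type: ignore[return-value]


def is_atlassian_cloud(base_url: str) -> bool:
    """Cloud sites live under atlassian.net and are out of scope.
    Only the exact domain or a subdomain counts: 'atlassian.net.example.com'
    is an on-prem (or impostor) host and is NOT treated as Cloud."""
    host = (urlparse(base_url).hostname or "").lower().rstrip(".")
    return host == "atlassian.net" or host.endswith(".atlassian.net")


def assess(base_url: str, version_text: str, fixed_versions: list[str]) -> str:
    """Classify one instance as 'not-affected-cloud', 'outside-listed-range',
    'patched', 'affected' or 'newer-than-advisory'."""
    if is_atlassian_cloud(base_url):
        return "not-affected-cloud"
    v = parse_version(version_text)
    if v < (4, 0, 0):
        # The page lists >= 4.0.0; anything older is unsupported and should be
        # checked against the advisory by hand rather than assumed safe.
        return "outside-listed-range"
    fixes = sorted(parse_version(f) for f in fixed_versions)
    if not fixes:
        raise ValueError("fixed_versions must be taken from the advisory")
    same_branch = [f for f in fixes if f[:2] == v[:2]]
    if same_branch and v >= min(same_branch):
        return "patched"
    if not same_branch and v > fixes[-1]:
        # A release line newer than every fix listed: not covered by the
        # fixed-version list as supplied, so verify rather than flag.
        return "newer-than-advisory"
    # Either an affected branch below its fix, or a branch with no fix at all
    # (users on those lines must upgrade to a fixed release).
    return "affected"


# Constructed placeholder ONLY so the module runs stand-alone; replace with
# the fixed releases named in the Atlassian advisory before real use.
PLACEHOLDER_FIXED_VERSIONS = ["7.19.17", "8.5.4"]

if __name__ == "__main__":
    inventory = [  # constructed sample inventory
        ("https://acme.atlassian.net/wiki", "8.5.3"),
        ("https://wiki.example.com", "8.5.3"),
        ("https://wiki.example.com", "8.5.4"),
        ("https://atlassian.net.example.com", "7.19.10"),
    ]
    for url, ver in inventory:
        print(url, ver, "->", assess(url, ver, PLACEHOLDER_FIXED_VERSIONS))
```

The hostname check deliberately matches only atlassian.net itself or a subdomain of it, so a lookalike such as atlassian.net.example.com is still treated as self-hosted. Branches with no fixed release in the supplied list are reported as affected, which is the conservative reading: the only remedy on those lines is moving to a fixed release.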
Affected Version(s)
Confluence Data Center >= 4.0.0
Confluence Data Center < 4.0.0
Confluence Data Center >= 7.20.0
News Articles
Thousands of exploit attempts reported on critical Atlassian Confluence RCE
Security researchers say they recorded several thousand exploit attempts against the Atlassian Confluence RCE, originating from more than 600 unique IP addresses.
10 months ago
Atlassian Confluence vulnerability enables remote code execution
The critical bug, given a maximum CVSS score of 10 by Atlassian, requires an urgent update to the fixed version to avoid exploitation.
11 months ago
Confluence Remote Code Execution Vulnerability (CVE-2023-22527) Alert
Overview On January 16, NSFOCUS CERT detected that Atlassian officially released a security announcement fixing the remote code execution vulnerability (CVE-2023-22522) in Confluence Data Center and Confluence Server. This vulnerability is caused by template injection. Unauthenticated attackers can ...
11 months ago
Timeline
- Exploit exists.
- First article discovered by The Hacker News.
- Vulnerability published.
- Vulnerability reserved.