Vendor
Atlassian
Vulnerabilities in Atlassian Confluence, Jira, and Bitbucket — frequent ransomware-precursor targets due to the sensitive internal documentation they host.
CVEs
[ CRITICAL ] CVSS 10.0 kev
Atlassian Confluence Data Center and Server Broken Access Control
A broken-access-control vulnerability in Atlassian Confluence Data Center and Server allows a remote, unauthenticated attacker to create unauthorized Confluence administrator accounts and gain full access to affected instances.
Atlassian / Confluence Data Center and Server
[ CRITICAL ] CVSS 9.8 kev
Atlassian Confluence OGNL Injection Remote Code Execution
An unauthenticated OGNL (Object-Graph Navigation Language) injection vulnerability in Atlassian Confluence Server and Data Center allows remote code execution on any accessible Confluence instance, with no authentication required.
Atlassian / Confluence Server and Data Center
