Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that the flaw was fixed in early December 2023 with the release of versions 8.5.4 LTS (Data Center and Server) and 8.6.0 and 8.7.1 (only Data Center), so some customers have already upgraded to those or to later versions. The bad news is that some customers haven’t. Atlassian hasn’t mentioned … More
The post Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527) appeared first on Help Net Security.