Atlassian has fixed three critical vulnerabilities and is urging customers using Confluence, Bamboo, Bitbucket, Crowd, Fisheye and Crucible, Jira and Jira Service Management to update their instances as soon as possible. There is no mention of these vulnerabilities being exploited in the wild, but flaws in Atlassian Confluence are often leveraged by attackers. About CVE-2022-26138 CVE-2022-26138 affects the Questions for Confluence app, which is deployed and used by some Confluence Server and Data Center customers. … More
The post Atlassian fixes critical flaws in Confluence, Jira, Bitbucket and other products, update quickly! appeared first on Help Net Security.