Enterprise software maker Atlassian on Tuesday warned of a critical vulnerability in out-of-date Confluence Data Center and Server versions that could be exploited for remote code execution (RCE), without authentication.
The problem is identified as a template injection vulnerability that was fixed in the supported versions of Confluence during routine updates and is tracked as CVE-2023-22527 (CVSS score of 10). “Users of the impacted version need to act right away. You need to patch right away if your version is outdated.
In an advisory, Atlassian states that it is advised that you update all of your impacted installations to the most recent version.
Read More: Atlassian Warns of Critical RCE Vulnerability in Outdated Confluence Instances
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.