Atlassian Confluence Remote Code Execution (CVE-2023-22527)
What is the Vulnerability?
On Jan 16, 2024, Atlassian released an advisory for a template injection vulnerability in Confluence Data Center and Server that can allow an unauthenticated attacker to remotely execute malicious code on affected versions. This vulnerability is rated with a severity level of 10.0 (Critical).

What is the Vendor Solution?
Atlassian highly recommends applying the latest version available as listed on their advisory: CVE-2023-22527 – Atlassian Support | Atlassian Documentation.

What FortiGuard Coverage is available?
FortiGuard Labs has an IPS signature “Atlassian.Confluence.CVE-2023-22527.Remote.Code.Execution” in place for CVE-2023-22527. FortiGuard is seeing active exploitation attempts against this vulnerability.
