Atlassian Confluence OGNL injection enabling unauthenticated RCE. Apply patches immediately. If exposed to the internet unpatched during Aug-Sep 2021, assume compromise and conduct forensic review of Confluence logs.
A remote code execution vulnerability was found in Atlassian Confluence Server and Data Center via OGNL injection in the Widget Connector macro.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →