CVE-2023-22505

Name of the Vulnerable Software and Affected Versions Atlassian Confluence Server and Data Center versions 8.0.0 through 8.3.1 Atlassian Confluence Server and Data Center versions prior to 8.3.2 and 8.4.0

Description The issue is related to insufficient input validation, allowing a remote attacker to execute arbitrary code. This has a high impact on confidentiality, integrity, and availability, with no user interaction required. The vulnerability was discovered by a private user and reported via the Bug Bounty program.

Recommendations For versions 8.0.0 through 8.3.1, upgrade to version 8.3.2 or 8.4.0 to resolve the issue. For versions prior to 8.3.2 and 8.4.0, upgrade to version 8.3.2 or 8.4.0 to resolve the issue. As a temporary workaround, consider restricting access to the server until a patch is applied.