Description
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
Remediation
References
Related Vulnerabilities
WordPress Plugin Show-Hide/Collapse-Expand Cross-Site Scripting (1.2.5)
WordPress Plugin Plainview Activity Monitor Remote Command Execution (20161228)
WordPress Plugin Clean Login Cross-Site Scripting (1.12.6.3)
WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.2.1)
WordPress Plugin Vmax Project Manager Local File Inclusion (1.1)