Published on 01 Nov 2023 | Updated on 01 Nov 2023
Atlassian has released security updates to address a critical vulnerability (CVE-2023-22518) in their Confluence Data Center and Server products.
Successful exploitation of the improper authorisation vulnerability by an unauthenticated attacker could lead to significant data loss.
The vulnerability affects all versions of the Atlassian Confluence Data Center and Server products prior to the fixed versions listed below:
Users and administrators of affected product versions are advised to update to the latest versions immediately.
If immediate patching is not possible, users and administrators of affected product versions are advised to apply the following mitigating measures as a temporary solution:
More information is available here:
https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-confluence-server-1311473907.html