Article

Atlassian has addressed a critical vulnerability, CVE-2023-22527, in its Confluence and Jira products, which poses a significant risk of exploitation due to its maximum CVSS score of 10. The vulnerability allows arbitrary code execution through template injection without requiring login credentials, prompting the National Cyber Security Centre to elevate its threat assessment to 'High/High'. Systems exposed to the internet are particularly vulnerable, with over 180 affected Atlassian Confluence environments identified in the Netherlands.