Loading
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Use CWE-917, Atlassian vendor hub and Confluence Data Center product page to widen CVE-2022-26134 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2023-22527, CVE-2024-21683 and CVE-2024-21677 for nearby disclosures in the same product family.