CVE-2019-3396 - Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability
Project:Atlassian
Product:Confluence Server and Data Server
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability
Description
Atlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-3396