CVE-2021-26084β€”Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability

PUBLISHEDvulnerability record
2021-11-03 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2021-26084
Project:
Atlassian
Product:
Confluence Server and Data Center
Date Added:
2021-11-03
Due Date:
2021-11-17
Last Updated:
June 21, 2025

Vulnerability Name

Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability

Description

Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
KNOWN

Action

Apply updates per vendor instructions.

Additional Notes

Related News Articles

Related Weaknesses