Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns

In The Hacker News - Original news source is thehackernews.com by Blog Writer

Post Sharing
Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems.
Tracked as CVE-2021-26084 (CVSS score: 9.8), the vulnerability concerns an OGNL (Object-Graph Navigation Language) injection flaw that