CVE-2022-26134 Atlassian Confluence vulnerability.


On June 2, 2022 Volexity announced active exploitation of Atlassian Confluence. An active Remote Code Execution via OGNL injection CVE-2022-26134 and impacts all versions of Confluence Server and Data Center versions greater than 1.3.0.

Atlassian has released their security advisory with patches and mitigation instructions supplied.

Peakhour WAF clients are already protected. We have observed a 200% increase of OGNL based exploit attempts since the announcement of the vulnerability on June 2nd.


© PEAKHOUR.IO PTY LTD 2024   ABN 76 619 930 826    All rights reserved.