| Name | confluence_ognl_injection |
| CVE | CVE-2022-26134 |
| Exploit Pack | CANVAS |
| Description | confluence_ognl_injection |
| Notes | CVE Name: CVE-2022-26134 NOTES: CVE-2022-26134 allows unauthenticated, remote attackers to gain arbitrary code execution via OGNL injection in vulnerable Confluence Server and Data Center instances. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1. Tested against: - Confluence 7.14.0 CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2022-26134 CVSS: None Date public: 06/03/2022 |
| Learn more about the CANVAS Exploit Pack here: CANVAS |