Vulnerabilities > Atlassian > Confluence Server > 7.14.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-06 | CVE-2023-22522 | Injection vulnerability in Atlassian Confluence Server This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. | 8.8 |
| 2023-10-31 | CVE-2023-22518 | Incorrect Authorization vulnerability in Atlassian Confluence Data Center All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. | 9.8 |
| 2023-07-18 | CVE-2023-22508 | Unspecified vulnerability in Atlassian Confluence Data Center and Confluence Server This High severity RCE (Remote Code Execution) vulnerability known as CVE-2023-22508 was introduced in version 6.1.0 of Confluence Data Center & Server. | 8.8 |
| 2023-05-25 | CVE-2023-22504 | Unrestricted Upload of File with Dangerous Type vulnerability in Atlassian Confluence Server Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature. | 6.5 |
| 2023-05-01 | CVE-2023-22503 | Unspecified vulnerability in Atlassian Confluence Data Center Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. | 5.3 |