CVE-2023-22527

CVE Database · CVE-2023-22527

CVE-2023-22527

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

99.98%

Published

Jan 16, 2024

Modified

Oct 24, 2025

CISA Known Exploited Vulnerability

Added: 2024-01-24 · Due: 2024-02-14

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Public PoC / Exploit (10)

All weaponized →

NucleiNuclei detection template TrickestTrickest PoC index GitHub PoCBoogipop/CVE-2023-22527-Godzilla-MEMSHELL★76 GitHub PoCM0untainShley/CVE-2023-22527-MEMSHELL★41 GitHub PoCAvento/CVE-2023-22527_Confluence_RCE★26 GitHub PoCManh130902/CVE-2023-22527-POC★22 GitHub PoCVNCERT-CC/CVE-2023-22527-confluence★19 GitHub PoCVozec/CVE-2023-22527★14 GitHub PoCRevoltSecurities/CVE-2023-22527★10 GitHub PoCChocapikk/CVE-2023-22527★9

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-74CWE-74

Affected Products (3)

atlassian · confluence_data_center (up to 8.5.4)vulnerable

atlassian · confluence_data_centervulnerable

atlassian · confluence_server (up to 8.5.4)vulnerable

References (8)

http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html

ExploitThird Party AdvisoryVDB Entry

https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615