← ExploitWatch
HomeExploited Vulnerabilities

CVE-2019-3396 — Actively Exploited: Confluence Server and Data Server (Atlassian)

Atlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution.

CVE IDCVE-2019-3396
VendorAtlassian
ProductConfluence Server and Data Server
Vulnerability nameAtlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionAtlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →