A recently disclosed vulnerability in Atlassian Corp.’s Confluence Data Center and Server is being actively targeted in the wild and has been upgraded to a 10 on the Common Vulnerability Scoring System, the most severe rating possible. The vulnerability, tracked as CVE-2023-22518, is an improper authorization vulnerability that allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account.

Source: SiliconANGLE