Loading...
Loading...
Published May 20, 2026 · Updated May 21, 2026 · vendor report
Summary
Template injection vulnerability in Confluence Data Center is being used in observed espionage intrusion sets targeting collaboration infrastructure.
Safety Note
No real exploit code, target organizations or intrusion details included. Defensive advisory only.
Related Threat Actors
Related Campaigns
Related Malware
Related CVEs
MITRE ATT&CK Techniques
T1190 — Exploit Public-Facing Application
Initial Access
Patch public-facing applications promptly. Deploy web application firewalls. Monitor application logs for exploitation indicators. Segment DMZ from internal networks.
T1505.003 — Web Shell
Persistence
Monitor web directories for unexpected file changes. Deploy file integrity monitoring. Restrict web server write permissions. Review web server logs for shell access patterns.