CVE-2021-26072

MEDIUM EXPLOITED NUCLEI

Confluence Server and Data Center < 5.8.6 - Server-Side Request Forgery via WidgetConnector

Title source: llm

Exploitation Summary

CVE-2021-26072 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.

Nuclei Templates (1)

Atlassian Confluence < 5.8.6 - Server-Side Request Forgery
MEDIUM VERIFIED by TechbrunchFR
Shodan: http.component:"Atlassian Confluence"

References (1)

Core References
Issue Tracking, Patch, Vendor Advisory x_refsource_misc
https://jira.atlassian.com/browse/CONFSERVER-61399

Scores

CVSS v3 4.3
EPSS 0.3885
EPSS Percentile 98.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

VulnCheck KEV 2025-11-05
CWE CWE-918
Status published
Products (2)
atlassian/confluence_data_center < 5.8.6
atlassian/confluence_server < 5.8.6
Published Apr 01, 2021
Tracked Since Feb 18, 2026