CVE 2021 26084 image 1

Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers

Vulnerability Overview On August 25, 2021 a security advisory was released for a vulnerability identified in Confluence Server titled “CVE-2021-26084: Atlassian Confluence OGNL Injection”. The vulnerability allows an unauthenticated attacker to perform remote command execution by taking advantage of an insecure handling of OGNL (Object-Graph Navigation Language) on affected Confluence ... Read More

Imperva Mitigates Exploits of Citrix Vulnerability – Right Out of the Box

| | Application Security, Labs
On December 17, Citrix issued a Security Bulletin on an unauthenticated remote code execution vulnerability (CVE-2019-19781) affecting its Citrix Application Delivery Controller (ADC) – formerly known as NetScaler ADC – and its Citrix Gateway – formerly known as NetScaler Gateway. At the time of the security bulletin release, there was ... Read More