Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
The Vulnerability has been marked with a maximum CVSS value (10/10) and allows you to create a Confluence administrator account from the Internet.
Atlassian will release their own whiteboard. It will be a part of the confluence. So you will not have to use miro or mural (or similar online services). You will not need apps like Microsoft whiteboard or Apple freeform. Confluence will be everything what you need.
You want to more know? Or maybe even join the beta tests? Check https://www.atlassian.com/software/confluence/whiteboards
Now you can learn at Atlassian University for less. They changed the price of their basic trainings, and now they are free or starting from $39.
The whole catalog of free and cheap courses is here: https://university.atlassian.com/student/catalog/list?category_ids=21723-on-demand
If you do not have any experience with Jira or Jira Service Management I recommend starting with free courses:
If you will work with Confluence:
Those are basics, but it’s really hard to work with Jira/Confluence without them.
For the latest CVE Atlassian released versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1 which contain a fix for this issue.
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
Atlassian has published a notification on a critical vulnerability affecting all on premise instances of Confluence (Server and Data Center) – unauthenticated remote code execution vulnerability in Confluence Server and Data Center.
There are currently no fixed versions of Confluence Server and Data Center available. In the interim, customers should work with their security team to consider the best course of action. Options to consider include:
If you are unable to take the above actions implementing a WAF (Web Application Firewall) rule which blocks URLs containing ${ may reduce your risk.
