CVE-2022-26134 - Zero-Day Exploitation of Atlassian Confluence
An initial review of one of the Confluence Server systems quickly identified that a JSP file had been written into a publicly accessible web directory. The file was a well-known copy of the JSP variant of the China Chopper webshell. However, a review of the web logs showed that the file had barely been accessed. The webshell appears to have been written as a means of secondary access. CVE-2022-26134 - Additional info | Zero-Day Exploitation of Atlassian Confluence | Security Advisory