The host is installed with Atlassian Confluence Server versions before 6.6.12, 6.7.0 before 6.12.3, 6.13.0 before 6.13.3 or 6.14.0 before 6.14.2 and is prone to a remote code execution vulnerability. A flaw is present in the application which fails to properly handle the widget connector macro. Successful exploitation allows attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.