As a result of the recently published critical security advisory from Atlassian, which we consider to be very critical, we recommend that you disable the following apps as an immediate countermeasure:
Disabling these apps immediately protects you against these vulnerabilities, but can have the following significant consequences for Confluence's functionality:
Please contact us if you want us to disable these apps after carefully consideration of the impact. Alternatively you can disable the apps yourself.
After the update, you can manually enable all of the apps again. You can do this in the same way as you disabled them described below, but select Enable instead.
When activating make sure that the Office Connector app needs to be enabled additionally and at last, as it depends on the WebDAV plugin.
The following apps must be enabled:
Here is a quick video tutorial showing you how to disable the plugins yourself: https://cl.ly/4ccbf8d1f680
Open the Confluence Administration area and select "Manage Apps".
Select All apps from app selection list.
To the left of the app selection list, enter "Widget Connector" in the search field and search for it. When the app appears in the search results, click on it to see the app information and click Disable. Once the first app has been disabled, repeat the process for the "WebDAV" app.