Workflows for Confluence 2022-04-04

We’re pleased to announce the April 2022 update for Workflows for Confluence has arrived 🥳

Release date: 4th April 2022

Important Update - Security Advisory

We have identified an issue where it was possible for space admins to escalate their privilege to act as space admins for other spaces or, in some cases, as global admins. By doing this, a malicious space admin could execute various functions on Workflows that they do not have access to such as deleting a Workflow or applying a Workflow to a page. It also allowed for any space admin to access Workflow data which may contain sensitive information such as webhook urls.

We have now patched this vulnerability to ensure that space admins can only execute functions within spaces where they are set as admins and we have not received any reports of this vulnerability being exploited.

What else has changed?

• Added a new column to the Workflows Info table displaying a link to the version of the page for which the action was applied

• Fixed an issue causing imported workflows to display the wrong space in the audit log

• Fixed an issue where the ‘Last Transitioned By’ column in the Workflows Search page would always display the page creator

How to upgrade to the latest version

The update is applied automatically so you’re all set 🙌

Give us your feedback

We’d love to hear about how you are using our products and if there’s any feedback you have that can help us make them even better.

Send this to us directly via our Service Desk.

What new features are coming?

There is an extensive roadmap of new features planned for Workflows for Confluence. However, if you don’t see what you are looking for and have suggestions for new features please get in touch.