Lucene search
Security-metrics-botATLASSIAN:CONFSERVER-61266HistoryFeb 22, 2021 - 4:54 a.m.
Persistent XSS through Team Calendar in Confluence Server - CVE-2020-29444
2021-02-2204:54:36
security-metrics-bot
jira.atlassian.com
16
confluence server
team calendar
persistent xss
html injection
javascript injection
cross site scripting
security researcher
apple
EPSS
0.001
Percentile
22.7%
Affected versions of Team Calendar in Confluence Serverย allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting vulnerability in admin global setting parameters.
h3. Affected versions:
- < 7.11.0
h3. Fixed version:
- 7.11.0
This vulnerability is attributed toย Stefano Castilletti, a security researcher from Apple.
Related
prion
prion
Cross site scripting
2021-05-07 06:15:00
cvelist
cvelist
CVE-2020-29444
2021-05-07 06:10:11
nvd
nvd
CVE-2020-29444
2021-05-07 06:15:09
atlassian
atlassian
Persistent XSS through Team Calendar in Confluence Server - CVE-2020-29444
2021-02-22 04:54:36
cve
cve
CVE-2020-29444
2021-05-07 06:15:09
nessus
nessus
Atlassian Confluence < 7.11.0 Multiple Vulnerabilities
2021-07-05 00:00:00