Affected versions of Team Calendar in Confluence Serverย allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting vulnerability in admin global setting parameters.
h3. Affected versions:
h3. Fixed version:
This vulnerability is attributed toย Stefano Castilletti, a security researcher from Apple.