Lucene search
K

517 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.21 views

Atlassian Confluence < 7.19.26 / 7.20.x < 8.5.12 / 8.6.x < 8.9.4 / 9.0.1 (CONFSERVER-97723)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-97723 advisory. - An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java BC Java before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5...

7.5CVSS6.7AI score0.011EPSS
Exploits0References2
Atlassian
Atlassian
added 2024/10/10 8:18 p.m.35 views

Stored XSS in Confluence Data Center and Server

This High severity Stored XSS vulnerability was introduced in version 3.0 of Confluence Data Center and Server. This Stored XSS vulnerability, with a CVSS Score of 8.1, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to...

8.8CVSS9.1AI score0.72648EPSS
Exploits15
ATTACKERKB
ATTACKERKB
added 2024/09/06 12:0 a.m.20 views

CVE-2021-26138

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...

7.8AI score
In wildExploits0References2
NVD
NVD
added 2024/08/21 4:15 p.m.23 views

CVE-2024-21690

This High severity Reflected XSS and CSRF Cross-Site Request Forgery vulnerability was introduced in versions 7.19.0, 7.20.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.1, 8.8.0, and 8.9.0 of Confluence Data Center and Server. This Reflected XSS and CSRF Cross-Site Request Forgery...

8.2CVSS0.00712EPSS
Exploits0References2
OSV
OSV
added 2024/08/21 4:15 p.m.1 views

CVE-2024-21690

This High severity Reflected XSS and CSRF Cross-Site Request Forgery vulnerability was introduced in versions 7.19.0, 7.20.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.1, 8.8.0, and 8.9.0 of Confluence Data Center and Server. This Reflected XSS and CSRF Cross-Site Request Forgery...

8.2CVSS6.1AI score0.00712EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/21 4:5 p.m.32 views

CVE-2024-21690

This High severity Reflected XSS and CSRF Cross-Site Request Forgery vulnerability was introduced in versions 7.19.0, 7.20.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.1, 8.8.0, and 8.9.0 of Confluence Data Center and Server. This Reflected XSS and CSRF Cross-Site Request Forgery...

7.1CVSS0.00712EPSS
Exploits0References2
CVE
CVE
added 2024/08/21 4:5 p.m.151 views

CVE-2024-21690

This CVE affects Atlassian Confluence Data Center and Server. The issue is a Reflected XSS and CSRF vulnerability that impacts versions 7.19.0, 7.20.0, 8.0.0 through 8.9.0. An unauthenticated attacker can cause a victim’s browser to execute arbitrary HTML/JavaScript and persuade the user to perfo...

8.2CVSS6.5AI score0.00712EPSS
Exploits0References2Affected Software2
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.5 views

Atlassian Confluence Data Center and Server 安全漏洞

Atlassian Confluence Data Center and Server is a data center of Atlassian Australia. A security vulnerability exists in Atlassian Confluence Data Center and Server. An attacker could exploit this vulnerability to execute arbitrary HTML or JavaScript code on the victim's browser. The following...

8.2CVSS7AI score0.00712EPSS
Exploits0References4
Atlassian
Atlassian
added 2024/08/14 12:24 a.m.37 views

DoS (Denial of Service) org.clojure:clojure Dependency in Confluence Data Center and Server

This High severity org.clojure:clojure Dependency vulnerability was introduced in versions 6.0.0 of Confluence Data Center and Server. This org.clojure:clojure Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

7.5CVSS6.7AI score0.01533EPSS
Exploits1
GithubExploit
GithubExploit
added 2024/07/18 7:55 p.m.438 views

Exploit for Improper Input Validation in Atlassian Confluence_Data_Center

CVE-2023-22515-NSE This repository provides a tool to check f...

10CVSS9.7AI score0.99156EPSS
Exploits39
NVD
NVD
added 2024/07/16 8:15 p.m.54 views

CVE-2024-21686

This High severity Stored XSS vulnerability was introduced in versions 7.13 of Confluence Data Center and Server. This Stored XSS vulnerability, with a CVSS Score of 7.3, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to...

8.7CVSS0.0089EPSS
Exploits0References2
Atlassian
Atlassian
added 2024/07/11 12:1 a.m.36 views

Third-Party Dependency in Confluence Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 7.0.1 of Confluence Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to expose assets in your environment susceptible to exploitation...

7.5CVSS4.5AI score0.014EPSS
Exploits0
Atlassian
Atlassian
added 2024/07/03 8:30 a.m.40 views

DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and Server

This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 7.19.23, 8.5.10, 8.9.2 of Confluence Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS6.7AI score0.10901EPSS
Exploits0
Atlassian
Atlassian
added 2024/07/03 8:30 a.m.36 views

DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and Server

This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 7.19.23, 8.5.10, 8.9.2 of Confluence Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS6.7AI score0.11879EPSS
Exploits0
Atlassian
Atlassian
added 2024/07/03 8:30 a.m.35 views

DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and Server

This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 7.19.23, 8.5.10, 8.9.2 of Confluence Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS6.6AI score0.16157EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/27 12:0 a.m.39 views

Atlassian Confluence 1.0.1 < 7.19.24 / 7.20.x < 8.5.11 / 8.6.x < 8.9.3 (CONFSERVER-95973)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95973 advisory. - Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the...

8.1CVSS6.4AI score0.03967EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/06/27 12:0 a.m.35 views

Atlassian Confluence 1.0.1 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-95942)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95942 advisory. - Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the...

8.1CVSS6.4AI score0.03967EPSS
Exploits1References2
Atlassian
Atlassian
added 2024/06/12 9:13 p.m.35 views

DoS (Denial of Service) org.apache.commons:commons-configuration2 Dependency in Confluence Data Center and Server

This High severity org.apache.commons:commons-configuration2 Dependency vulnerability was introduced in versions 1.0 of Confluence Data Center and Server. This org.apache.commons:commons-configuration2 Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

5.4CVSS7.1AI score0.01727EPSS
Exploits0
Atlassian
Atlassian
added 2024/06/12 9:12 p.m.35 views

DoS (Denial of Service) org.apache.commons:commons-configuration2 Dependency in Confluence Data Center and Server

This High severity org.apache.commons:commons-configuration2 Dependency vulnerability was introduced in versions 1.0 of Confluence Data Center and Server. This org.apache.commons:commons-configuration2 Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.3CVSS7.1AI score0.02054EPSS
Exploits0
Atlassian
Atlassian
added 2024/06/07 4:11 a.m.56 views

SSRF (Server-Side Request Forgery) org.springframework:spring-web Dependency in Confluence Data Center and Server

This High severity org.springframework:spring-web Dependency vulnerability was introduced in versions 1.0 of Confluence Data Center and Server. This org.springframework:spring-web Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N...

8.1CVSS7.9AI score0.03967EPSS
Exploits1
Rows per page
Query Builder