3 matches found
CVE-2020-35121
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro...
Code injection
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro...
Keysight Database Connector plugin code injection vulnerability
Bitbucket Keysight is a database connector plugin available for Atlassian products from the Bitbucket organization. A security vulnerability exists in the Keysight Database Connector plugin before 1.5.0, which originates from a malicious user being able to insert arbitrary JavaScript into saved...