CVE-2019-20102
CVE-2019-20102 affects Atlassian Confluence Server: attachment-upload feature allows stored cross-site scripting (SXSS) via a malicious attachment with a modified mimeType. Affected products/versions: Confluence Server 6.14.0–6.14.3 and 6.15.0–before 6.15.5. Root cause is improper validation of u...