Lucene search
+L

4 matches found

Cvelist
Cvelist
added 2022/07/26 4:5 a.m.21 views

CVE-2020-36290

The Livesearch macro in Confluence Server and Data Center before version 7.4.5, from version 7.5.0 before 7.6.3, and from version 7.7.0 before version 7.7.4 allows remote attackers with permission to edit a page or blog to inject arbitrary HTML or JavaScript via a cross site scripting XSS...

5.2AI score0.00597EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/07/26 4:5 a.m.12 views

CVE-2020-36290

The Livesearch macro in Confluence Server and Data Center before version 7.4.5, from version 7.5.0 before 7.6.3, and from version 7.7.0 before version 7.7.4 allows remote attackers with permission to edit a page or blog to inject arbitrary HTML or JavaScript via a cross site scripting XSS...

5.5AI score0.00597EPSS
Exploits0References1
CVE
CVE
added 2022/07/26 4:5 a.m.76 views

CVE-2020-36290

CVE-2020-36290 affects Atlassian Confluence Server/Data Center via the Livesearch macro. Vulnerable versions include pre-7.4.5, 7.5.0–7.6.2, and 7.7.0–7.7.3 (up to 7.7.4 in some listings), where remote attackers with page/blog edit permission can inject arbitrary HTML/JavaScript into the page exc...

5.4CVSS5.2AI score0.00597EPSS
Exploits0References1Affected Software2
Atlassian
Atlassian
added 2020/07/28 1:4 a.m.37 views

Stored XSS in the Livesearch macro - CVE-2020-36290

The Livesearch macro in Confluence Server and Data Center before version 7.4.5, from version 7.5.0 before 7.6.3, and from version 7.7.0 before version 7.7.4 allows remote attackers with permission to edit a page or blog to inject arbitrary HTML or JavaScript via a cross site scripting XSS...

5.4CVSS5.1AI score0.00597EPSS
Exploits0
Rows per page
Query Builder