Confluence Server@* Security Vulnerabilities and Issues — Confluence Server@* CVE List

Lucene search

AtlassianConfluence Server*

3 matches found

CVE•added 2020/07/01 2:15 a.m.•82 views

CVE-2020-4027

Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7...

6.5CVSS4.9AI score0.00218EPSS

CVE•added 2020/07/24 7:15 a.m.•76 views

CVE-2020-14175

Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in user macro parameters. The affected versions are before version 7.4.2, and from version 7.5.0 before 7.5.2.

5.4CVSS5.2AI score0.00237EPSS

CVE•added 2020/04/22 4:15 a.m.•65 views

CVE-2019-20102

The attachment-uploading feature in Atlassian Confluence Server from version 6.14.0 through version 6.14.3, and version 6.15.0 before version 6.15.5 allows remote attackers to achieve stored cross-site- scripting (SXSS) via a malicious attachment with a modified mimeType parameter.

6.1CVSS6.1AI score0.00407EPSS