Lucene search
AtlassianConfluence Server
2 matches found
CVE-2020-29445
Affected versions of Confluence Server before 7.4.8, and versions from 7.5.0 before 7.11.0 allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters.
4.3CVSS4.7AI score0.00103EPSS
CVE-2020-29444
Affected versions of Team Calendar in Confluence Server before 7.11.0 allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.
5.4CVSS5.3AI score0.00233EPSS