Confluence Server Security Vulnerabilities and Issues — Confluence Server CVE List

Lucene search

AtlassianConfluence Server

2 matches found

CVE•added 2021/05/07 6:15 a.m.•101 views

CVE-2020-29445

Affected versions of Confluence Server before 7.4.8, and versions from 7.5.0 before 7.11.0 allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters.

4.3CVSS4.7AI score0.00103EPSS

CVE•added 2021/04/01 7:15 p.m.•67 views

CVE-2021-26072

The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.

4.3CVSS4.6AI score0.08044EPSS