Confluence Security Vulnerabilities and Issues — Confluence CVE List

Lucene search

AtlassianConfluence

2 matches found

CVE•added 2016/04/11 9:59 p.m.•59 views

CVE-2015-8399

Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action.

4.3CVSS4.4AI score0.91261EPSS

CVE•added 2016/04/11 9:59 p.m.•52 views

CVE-2015-8398

Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.8.17 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to rest/prototype/1/session/check.

6.1CVSS5.9AI score0.00557EPSS