Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian confluence server vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-29445
Affected versions of Confluence Server prior to 7.4.8, and versions from 7.5.0 prior to 7.11.0 allow malicious users to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters.
Atlassian Confluence Server
356
VMScore
CVE-2021-26072
The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote malicious users to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.
Atlassian Confluence Server
Atlassian Confluence Data Center
356
VMScore
CVE-2020-29450
Affected versions of Atlassian Confluence Server and Data Center allow remote malicious users to impact the application's availability via a Denial of Service (DoS) vulnerability in the avatar upload feature. The affected versions are before version 7.2.0.
Atlassian Confluence Server
Atlassian Confluence Data Center
356
VMScore
CVE-2020-24898
The Table Filter and Charts for Confluence Server app prior to 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter).
Stiltsoft Table Filter And Charts For Confluence Server
356
VMScore
CVE-2019-15005
The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration infor...
Atlassian Troubleshooting And Support
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Confluence
Atlassian Crowd
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira
356
VMScore
CVE-2019-3394
There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read arbitrary file on the server under <install-directory>/confluence/WEB-INF ...
Atlassian Confluence Server
Atlassian Confluence
1 Github repository
356
VMScore
CVE-2018-20237
Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.
Atlassian Confluence Server
Atlassian Confluence Data Center
312
VMScore
CVE-2020-29444
Affected versions of Team Calendar in Confluence Server prior to 7.11.0 allow malicious users to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.
Atlassian Confluence Server
Atlassian Confluence Data Center
312
VMScore
CVE-2020-24897
The Table Filter and Charts for Confluence Server app prior to 5.3.25 (for Atlassian Confluence) allow remote malicious users to inject arbitrary HTML or JavaScript via cross site scripting (XSS) through the provided Markdown markup to the "Table from CSV" macro.
Stiltsoft Table Filter And Charts For Confluence Server
312
VMScore
CVE-2020-14175
Affected versions of Atlassian Confluence Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in user macro parameters. The affected versions are before version 7.4.2, and from version 7.5.0 pri...
Atlassian Confluence Server
Atlassian Confluence Data Center
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »