Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian confluence data center vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-26084
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated malicious user to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from ve...
Atlassian Confluence Server
Atlassian Confluence Data Center
47 Github repositories
2 Articles
NA
CVE-2024-21672
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 2.1.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.3 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H allows an unaut...
Atlassian Confluence Data Center
Atlassian Confluence Server
1 Github repository
NA
CVE-2024-21673
This High severity Remote Code Execution (RCE) vulnerability was introduced in versions 7.13.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.0 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H allows an aut...
Atlassian Confluence Data Center
Atlassian Confluence Server
NA
CVE-2024-21674
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N allows an unau...
Atlassian Confluence Data Center
Atlassian Confluence Server
3.5
CVSSv2
CVE-2018-20239
Application Links before version 5.0.11, from version 5.1.0 prior to 5.2.10, from version 5.3.0 prior to 5.3.6, from version 5.4.0 prior to 5.4.12, and from version 6.0.0 prior to 6.0.4 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scriptin...
Atlassian Application Links
Atlassian Fisheye
Atlassian Crucible
Atlassian Jira Server
Atlassian Jira Data Center
Atlassian Confluence Data Center
Atlassian Confluence Server
Atlassian Crowd
NA
CVE-2022-26136
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in au...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Crucible
Atlassian Fisheye
Atlassian Crowd 5.0.0
Atlassian Crowd
Atlassian Bitbucket 8.1.0
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket
Atlassian Bamboo
Atlassian Jira Service Desk
1 Article
NA
CVE-2022-26137
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with t...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Crucible
Atlassian Fisheye
Atlassian Crowd 5.0.0
Atlassian Crowd
Atlassian Bitbucket 8.1.0
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket
Atlassian Bamboo
Atlassian Jira Service Desk
1 Article
NA
CVE-2022-42977
The Netic User Export add-on prior to 1.3.5 for Atlassian Confluence has the functionality to generate a list of users in the application, and export it. During export, the HTTP request has a fileName parameter that accepts any file on the system (e.g., an SSH private key) to be ...
Atlassian Confluence Data Center
NA
CVE-2022-42978
In the Netic User Export add-on prior to 1.3.5 for Atlassian Confluence, authorization is mishandled. An unauthenticated attacker could access files on the remote system.
Atlassian Confluence Data Center
7.5
CVSSv2
CVE-2019-3395
The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 prior to 6.8.5 (the fixed version for 6.8.x), and from version 6.9.0 prior to 6.9.3 (the fixed version for 6.9.x) allows remote malicious user...
Atlassian Confluence
Atlassian Confluence Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »