Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
confluence vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-26084
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated malicious user to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from ve...
Atlassian Confluence Server
Atlassian Confluence Data Center
47 Github repositories
2 Articles
5.3
CVSSv3
CVE-2023-22503
Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote malicious users to view the names of attachments and labels in a private Confluence space. This occurs via an Information Disclosure vulnerability in the macro preview feature. This vulnerabil...
Atlassian Confluence Data Center
Atlassian Confluence Server
8.8
CVSSv3
CVE-2023-22526
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 7.19.0 of Confluence Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated malicious user to execute arbitrary code which has high impac...
Atlassian Confluence Data Center
Atlassian Confluence Server
7.5
CVSSv3
CVE-2016-6668
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 prior to 6.27.5, 6.28.0 prior to 7.3.7, and 7.4.0 prior to 7.8.17; Confluence HipChat plugin 6.26.0 prior to 7.8.17; and HipChat for JIRA plugin 6.26.0 prior to 7.8.17 allows remote malicious users to obtain the...
Atlassian Confluence Server 5.5.0
Atlassian Confluence Server 5.9.6
Atlassian Confluence Server 5.9.5
Atlassian Confluence Server 5.9.8
Atlassian Confluence Server 5.9.7
Atlassian Confluence Server 5.9.2
Atlassian Confluence Server 5.9.1
Atlassian Confluence Server 5.9.4
Atlassian Confluence Server 5.9.3
Atlassian Confluence Server 5.10.1
Atlassian Confluence Server 5.10.0
Atlassian Confluence Server 5.10.3
Atlassian Confluence Server 5.10.2
Atlassian Confluence Server 5.9.10
Atlassian Confluence Server 5.9.9
Atlassian Confluence Server 5.9.12
Atlassian Confluence Server 5.9.11
Atlassian Jira Integration For Hipchat 7.4.1
Atlassian Jira Integration For Hipchat 7.3.3
Atlassian Jira Integration For Hipchat 6.26.0
Atlassian Jira Integration For Hipchat 7.1.0
Atlassian Jira Integration For Hipchat 6.26.10
4.3
CVSSv3
CVE-2015-8399
Atlassian Confluence prior to 5.8.17 allows remote authenticated users to read configuration files via the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action.
Atlassian Confluence
1 EDB exploit
6.1
CVSSv3
CVE-2017-18085
The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the key parameter.
Atlassian Confluence
6.1
CVSSv3
CVE-2015-8398
Cross-site scripting (XSS) vulnerability in Atlassian Confluence prior to 5.8.17 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to rest/prototype/1/session/check.
Atlassian Confluence
1 EDB exploit
4.3
CVSSv3
CVE-2017-9505
Atlassian Confluence starting with 4.3.0 prior to 6.2.1 did not check if a user had permission to view a page when creating a workbox notification about new comments. An attacker who can login to Confluence could receive workbox notifications, which contain the content of comment...
Atlassian Confluence
5.4
CVSSv3
CVE-2017-18083
The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of an uploaded file.
Atlassian Confluence
6.1
CVSSv3
CVE-2017-18086
Various resources in Atlassian Confluence Server before version 6.4.2 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuesURL parameter.
Atlassian Confluence
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »