Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian confluence vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-13389
The attachment resource in Atlassian Confluence before version 6.6.1 allows remote malicious users to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml.
Atlassian Confluence
383
VMScore
CVE-2017-18085
The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the key parameter.
Atlassian Confluence
383
VMScore
CVE-2017-18086
Various resources in Atlassian Confluence Server before version 6.4.2 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuesURL parameter.
Atlassian Confluence
383
VMScore
CVE-2017-16856
The RSS Feed macro in Atlassian Confluence before version 6.5.2 allows remote malicious users to inject arbitrary HTML or JavaScript via cross site scripting (XSS) vulnerabilities in various rss properties which were used as links without restriction on their scheme.
Atlassian Confluence
383
VMScore
CVE-2011-4822
Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye prior to 2.5.5 allow remote malicious users to inject arbitrary web script or HTML via (1) snippets in a user comment, which is not properly handled in a Confluence page, or (2) t...
Atlassian Fisheye 2.4.5
Atlassian Fisheye 2.4.4
Atlassian Fisheye 2.3.6
Atlassian Fisheye 2.3.5
Atlassian Fisheye 2.2.0
Atlassian Fisheye 2.1.4
Atlassian Fisheye 2.0.4
Atlassian Fisheye 2.0.3
Atlassian Fisheye 1.6.6
Atlassian Fisheye 1.6.5.a
Atlassian Fisheye 1.5.2
Atlassian Fisheye 1.5.1
Atlassian Fisheye 2.5.0
Atlassian Fisheye 2.4.6
Atlassian Fisheye 2.3.8
Atlassian Fisheye 2.3.7
Atlassian Fisheye 2.2.3
Atlassian Fisheye 2.2.1
Atlassian Fisheye 2.0.6
Atlassian Fisheye 2.0.5
Atlassian Fisheye 2.0
Atlassian Fisheye 1.5.4
383
VMScore
CVE-2005-3967
Cross-site scripting (XSS) vulnerability in the dosearchsite.action module in Atlassian Confluence 2.0.1 Build 321 allows remote malicious users to inject arbitrary web script or HTML via the searchQuery.queryString search module parameter.
Atlassian Confluence 2.0.1 Build 321
356
VMScore
CVE-2020-29445
Affected versions of Confluence Server prior to 7.4.8, and versions from 7.5.0 prior to 7.11.0 allow malicious users to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters.
Atlassian Confluence Server
356
VMScore
CVE-2021-26072
The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote malicious users to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.
Atlassian Confluence Server
Atlassian Confluence Data Center
356
VMScore
CVE-2020-29450
Affected versions of Atlassian Confluence Server and Data Center allow remote malicious users to impact the application's availability via a Denial of Service (DoS) vulnerability in the avatar upload feature. The affected versions are before version 7.2.0.
Atlassian Confluence Server
Atlassian Confluence Data Center
356
VMScore
CVE-2020-24898
The Table Filter and Charts for Confluence Server app prior to 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter).
Stiltsoft Table Filter And Charts For Confluence Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »