Vulmon
confluence vulnerabilities and exploits
8.9
CVSSv3
CVE-2020-24897
The Table Filter and Charts for Confluence Server app prior to 5.3.25 (for Atlassian Confluence) allows remote malicious users to inject arbitrary HTML or JavaScript via cross-site scripting (XSS) through the provided Markdown markup to the "Table from CSV" macro.
Stiltsoft Table Filter And Charts For Confluence Server
6.5
CVSSv3
CVE-2020-24898
The Table Filter and Charts for Confluence Server app prior to 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter).
Stiltsoft Table Filter And Charts For Confluence Server
4.3
CVSSv3
CVE-2019-15005
The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration infor...
Atlassian Troubleshooting And Support
Atlassian Jira
Atlassian Bitbucket
Atlassian Confluence
Atlassian Crowd
Atlassian Fisheye
Atlassian Crucible
Atlassian Bamboo
NA
CVE-2012-2928
The Gliffy plugin prior to 3.7.1 for Atlassian JIRA, and prior to 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote malicious users to read arbitrary files or cause a denial of service (resource consumption) ...
Atlassian Jira
Gliffy Gliffy
Gliffy Gliffy 1.0.1
Gliffy Gliffy 2.0.0
Gliffy Gliffy 2.0.1
Gliffy Gliffy 2.1.0
Gliffy Gliffy 2.1.1
Gliffy Gliffy 2.1.2
Gliffy Gliffy 2.1.3
Gliffy Gliffy 2.2.0
Gliffy Gliffy 2.2.1
Gliffy Gliffy 2.2.2
Gliffy Gliffy 3.0.0
Gliffy Gliffy 3.0.1
Gliffy Gliffy 3.0.2
Gliffy Gliffy 3.0.3
Gliffy Gliffy 3.0.4
Gliffy Gliffy 3.0.5
Gliffy Gliffy 3.1.0
Gliffy Gliffy 3.1.1
Gliffy Gliffy 3.1.2
Gliffy Gliffy 3.1.3
8.1
CVSSv3
CVE-2016-10750
In Hazelcast prior to 3.11, the cluster join procedure is vulnerable to remote code execution via Java deserialization. If an attacker can reach a listening Hazelcast instance with a crafted JoinRequest, and vulnerable classes exist in the classpath, the attacker can run arbitrar...
Hazelcast Hazelcast
1 Article
NA
CVE-2024-21677
This High severity Path Traversal vulnerability was introduced in version 6.13.0 of Confluence Data Center. This Path Traversal vulnerability, with a CVSS Score of 8.3, allows an unauthenticated malicious user to exploit an undefinable vulnerability which has high impact to confi...
9.8
CVSSv3
CVE-2019-10100
In JetBrains YouTrack Confluence plugin versions prior to 1.8.1.3, it was possible to achieve Server Side Template Injection. The attacker could add an Issue macro to the page in Confluence, and use a combination of a valid id field and specially crafted code in the link-text-tem...
Jetbrains Youtrack Integration
7.5
CVSSv3
CVE-2018-18289
The MESILAT Zabbix plugin prior to 1.1.15 for Atlassian Confluence allows malicious users to read arbitrary files.
Mesilat Zabbix
6.1
CVSSv3
CVE-2021-37412
The TechRadar app 1.1 for Confluence Server allows XSS via the Title field of a Radar.
It-economics Techradar 1.1
5.4
CVSSv3
CVE-2023-30452
The MoroSystems EasyMind - Mind Maps plugin prior to 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter.
Morosystems Easymind