Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
confluence vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-18083
The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of an uploaded file.
Atlassian Confluence
4.3
CVSSv2
CVE-2017-18086
Various resources in Atlassian Confluence Server before version 6.4.2 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuesURL parameter.
Atlassian Confluence
3.5
CVSSv2
CVE-2017-18084
The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the description of a macro.
Atlassian Confluence
5.5
CVSSv2
CVE-2017-9513
Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows remote authenticated malicious users to watch any Confluence page & receive notifications when comments are added to the watched page, and vote & watch JIRA issues that they do ...
Atlassian Activity Streams
4.3
CVSSv2
CVE-2017-16856
The RSS Feed macro in Atlassian Confluence before version 6.5.2 allows remote malicious users to inject arbitrary HTML or JavaScript via cross site scripting (XSS) vulnerabilities in various rss properties which were used as links without restriction on their scheme.
Atlassian Confluence
4
CVSSv2
CVE-2017-9505
Atlassian Confluence starting with 4.3.0 prior to 6.2.1 did not check if a user had permission to view a page when creating a workbox notification about new comments. An attacker who can login to Confluence could receive workbox notifications, which contain the content of comment...
Atlassian Confluence
5
CVSSv2
CVE-2017-7415
Atlassian Confluence 6.x prior to 6.0.7 allows remote malicious users to bypass authentication and read any blog or page via the drafts diff REST resource.
Atlassian Confluence Server 6.0.1
Atlassian Confluence Server 6.0.3
Atlassian Confluence Server 6.0.4
Atlassian Confluence Server 6.0.5
Atlassian Confluence Server 6.0.6
Atlassian Confluence Server 6.0.2
Atlassian Confluence Server 6.0.0
3.5
CVSSv2
CVE-2016-4317
Atlassian Confluence Server prior to 5.9.11 has XSS on the viewmyprofile.action page.
Atlassian Confluence
5
CVSSv2
CVE-2016-6668
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 prior to 6.27.5, 6.28.0 prior to 7.3.7, and 7.4.0 prior to 7.8.17; Confluence HipChat plugin 6.26.0 prior to 7.8.17; and HipChat for JIRA plugin 6.26.0 prior to 7.8.17 allows remote malicious users to obtain the...
Atlassian Confluence Server 5.5.0
Atlassian Confluence Server 5.9.6
Atlassian Confluence Server 5.9.5
Atlassian Confluence Server 5.9.8
Atlassian Confluence Server 5.9.7
Atlassian Confluence Server 5.9.2
Atlassian Confluence Server 5.9.1
Atlassian Confluence Server 5.9.4
Atlassian Confluence Server 5.9.3
Atlassian Confluence Server 5.10.1
Atlassian Confluence Server 5.9.10
Atlassian Confluence Server 5.9.11
Atlassian Confluence Server 5.9.12
Atlassian Confluence Server 5.10.0
Atlassian Confluence Server 5.10.2
Atlassian Confluence Server 5.9.9
Atlassian Confluence Server 5.10.3
Atlassian Jira Integration For Hipchat 7.4.1
Atlassian Jira Integration For Hipchat 7.3.3
Atlassian Jira Integration For Hipchat 6.26.0
Atlassian Jira Integration For Hipchat 7.1.0
Atlassian Jira Integration For Hipchat 6.26.10
4.3
CVSSv2
CVE-2016-6283
Cross-site scripting (XSS) vulnerability in Atlassian Confluence prior to 5.10.6 allows remote malicious users to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action.
Atlassian Confluence
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »