Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian confluence server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-6342
Cross-site request forgery (CSRF) vulnerability in logout.action in Atlassian Confluence 3.4.6 allows remote malicious users to hijack the authentication of administrators for requests that logout the user via a comment.
Atlassian Confluence Server 3.4.6
9.8
CVSSv3
CVE-2022-26138
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded passw...
Atlassian Questions For Confluence 2.7.34
Atlassian Questions For Confluence 2.7.35
Atlassian Questions For Confluence 3.0.2
3 Github repositories
2 Articles
5.4
CVSSv3
CVE-2016-4317
Atlassian Confluence Server prior to 5.9.11 has XSS on the viewmyprofile.action page.
Atlassian Confluence
6.1
CVSSv3
CVE-2017-18086
Various resources in Atlassian Confluence Server before version 6.4.2 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuesURL parameter.
Atlassian Confluence
6.1
CVSSv3
CVE-2017-18085
The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the key parameter.
Atlassian Confluence
5.4
CVSSv3
CVE-2017-18083
The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of an uploaded file.
Atlassian Confluence
4.8
CVSSv3
CVE-2017-18084
The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the description of a macro.
Atlassian Confluence
4.3
CVSSv3
CVE-2019-15005
The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration infor...
Atlassian Troubleshooting And Support
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Confluence
Atlassian Crowd
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira
6.5
CVSSv3
CVE-2020-24898
The Table Filter and Charts for Confluence Server app prior to 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter).
Stiltsoft Table Filter And Charts For Confluence Server
8.9
CVSSv3
CVE-2020-24897
The Table Filter and Charts for Confluence Server app prior to 5.3.25 (for Atlassian Confluence) allow remote malicious users to inject arbitrary HTML or JavaScript via cross site scripting (XSS) through the provided Markdown markup to the "Table from CSV" macro.
Stiltsoft Table Filter And Charts For Confluence Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-54130
firmware
CVE-2024-42327
CVE-2024-42448
CVE-2024-54126
CVE-2024-53846
CVE-2024-38920
XPath injection
HTML injection
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »