9.8
CVSSv3

CVE-2019-3395

Published: 25/03/2019 Updated: 21/11/2024

Vulnerability Summary

The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 prior to 6.8.5 (the fixed version for 6.8.x), and from version 6.9.0 prior to 6.9.3 (the fixed version for 6.9.x) allows remote malicious users to send arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance via Server-Side Request Forgery.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

atlassian confluence

atlassian confluence server