Affected versions of Team Calendar in Confluence Server prior to 7.11.0 allow malicious users to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
atlassian confluence server |
||
atlassian confluence data center |
Vulmon