Affected versions of Team Calendar in Confluence Server prior to 7.11.0 allow malicious users to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian confluence server |
||
atlassian confluence data center |