The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote malicious users to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
atlassian confluence server |
||
atlassian confluence data center |
Vulmon