IDCVSSSummaryLast (major) updatePublished
CVE-2012-2926 6.4
Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4.x before 3.4.5; and Crowd before 2.0.9, 2.1 before
13-12-2021 - 16:01 22-05-2012 - 15:55
CVE-2021-37412 4.3
The TechRadar app 1.1 for Confluence Server allows XSS via the Title field of a Radar.
23-09-2021 - 20:17 15-09-2021 - 17:15
CVE-2020-14175 3.5
Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in user macro parameters. The affected versions are before version 7.4.2, an
30-03-2022 - 13:28 24-07-2020 - 07:15
CVE-2020-4027 6.5
Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected vers
13-12-2021 - 16:05 01-07-2020 - 02:15
CVE-2018-20237 4.0
Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.
13-12-2021 - 16:05 13-02-2019 - 18:29
CVE-2019-3395 7.5
The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 before 6.8.5 (the fixed version for 6.8.x), and from version 6.9.0 before 6.9.3 (the fixed version for 6.9.x) al
13-12-2021 - 16:05 25-03-2019 - 19:29
CVE-2019-20406 4.4
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path envi
13-12-2021 - 16:05 06-02-2020 - 03:15
CVE-2019-3396 10.0
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from
13-12-2021 - 16:05 25-03-2019 - 19:29
CVE-2021-26085 5.0
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.
01-01-2022 - 17:55 03-08-2021 - 00:15
CVE-2021-26084 7.5
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before
30-03-2022 - 13:29 30-08-2021 - 07:15
Back to Top Mark selected
Back to Top