Vulnerabilities (CVE)

Filtered by vendor Atlassian Subscribe
Filtered by product Confluence
Total 22 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3398 1 Atlassian 2 Confluence, Confluence Server 2022-04-12 9.0 HIGH 8.8 HIGH
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.
CVE-2020-4027 1 Atlassian 2 Confluence, Confluence Server 2021-12-13 6.5 MEDIUM 4.7 MEDIUM
Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1.
CVE-2019-3396 1 Atlassian 2 Confluence, Confluence Server 2021-12-13 10.0 HIGH 9.8 CRITICAL
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
CVE-2019-3394 1 Atlassian 2 Confluence, Confluence Server 2021-12-13 4.0 MEDIUM 8.8 HIGH
There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read arbitrary file on the server under <install-directory>/confluence/WEB-INF directory, which may contain configuration files used for integrating with other services, which could potentially leak credentials or other sensitive information such as LDAP credentials. The LDAP credential will be potentially leaked only if the Confluence server is configured to use LDAP as user repository. All versions of Confluence Server from 6.1.0 before 6.6.16 (the fixed version for 6.6.x), from 6.7.0 before 6.13.7 (the fixed version for 6.13.x), and from 6.14.0 before 6.15.8 (the fixed version for 6.15.x) are affected by this vulnerability.
CVE-2019-3395 1 Atlassian 2 Confluence, Confluence Server 2021-12-13 7.5 HIGH 9.8 CRITICAL
The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 before 6.8.5 (the fixed version for 6.8.x), and from version 6.9.0 before 6.9.3 (the fixed version for 6.9.x) allows remote attackers to send arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance via Server-Side Request Forgery.
CVE-2019-20406 2 Atlassian, Microsoft 3 Confluence, Confluence Server, Windows 2021-12-13 4.4 MEDIUM 7.8 HIGH
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable variable to inject code & escalate their privileges via a DLL hijacking vulnerability.
CVE-2019-15006 1 Atlassian 2 Confluence, Confluence Server 2021-12-13 5.8 MEDIUM 6.5 MEDIUM
There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in Confluence Server and Confluence Data Center. This plugin was used to facilitate communication with the Atlassian Companion application. The Confluence Previews plugin in Confluence Server and Confluence Data Center communicated with the Companion application via the atlassian-domain-for-localhost-connections-only.com domain name, the DNS A record of which points at 127.0.0.1. Additionally, a signed certificate for the domain was publicly distributed with the Companion application. An attacker in the position to control DNS resolution of their victim could carry out a man-in-the-middle (MITM) attack between Confluence Server (or Confluence Data Center) and the atlassian-domain-for-localhost-connections-only.com domain intended to be used with the Companion application. This certificate has been revoked, however, usage of the atlassian-domain-for-localhost-connections-only.com domain name was still present in Confluence Server and Confluence Data Center. An attacker could perform the described attack by denying their victim access to certificate revocation information, and carry out a man-in-the-middle (MITM) attack to observe files being edited using the Companion application and/or modify them, and access some limited user information.
CVE-2012-2926 1 Atlassian 7 Bamboo, Confluence, Confluence Server and 4 more 2021-12-13 6.4 MEDIUM 9.1 CRITICAL
Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4.x before 3.4.5; and Crowd before 2.0.9, 2.1 before 2.1.2, 2.2 before 2.2.9, 2.3 before 2.3.7, and 2.4 before 2.4.1 do not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
CVE-2021-37412 2 Atlassian, It-economics 2 Confluence, Techradar 2021-09-23 4.3 MEDIUM 6.1 MEDIUM
The TechRadar app 1.1 for Confluence Server allows XSS via the Title field of a Radar.
CVE-2017-9505 1 Atlassian 1 Confluence 2020-07-21 4.0 MEDIUM 4.3 MEDIUM
Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if a user had permission to view a page when creating a workbox notification about new comments. An attacker who can login to Confluence could receive workbox notifications, which contain the content of comments, for comments added to a page after they started watching it even if they do not have permission to view the page itself.
CVE-2019-15005 1 Atlassian 8 Bamboo, Bitbucket, Confluence and 5 more 2019-11-14 4.0 MEDIUM 4.3 MEDIUM
The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the application that the plugin is installed into. A vulnerable version of the plugin is included with Bitbucket Server / Data Center before 6.6.0, Confluence Server / Data Center before 7.0.1, Jira Server / Data Center before 8.3.2, Crowd / Crowd Data Center before 3.6.0, Fisheye before 4.7.2, Crucible before 4.7.2, and Bamboo before 6.10.2.
CVE-2017-18086 1 Atlassian 1 Confluence 2019-04-26 4.3 MEDIUM 6.1 MEDIUM
Various resources in Atlassian Confluence Server before version 6.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuesURL parameter.
CVE-2017-18085 1 Atlassian 1 Confluence 2019-04-26 4.3 MEDIUM 6.1 MEDIUM
The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the key parameter.
CVE-2017-18084 1 Atlassian 1 Confluence 2019-04-26 3.5 LOW 4.8 MEDIUM
The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the description of a macro.
CVE-2015-8399 1 Atlassian 1 Confluence 2018-10-09 4.0 MEDIUM 4.3 MEDIUM
Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action.
CVE-2015-8398 1 Atlassian 1 Confluence 2018-10-09 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.8.17 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to rest/prototype/1/session/check.
CVE-2018-13389 1 Atlassian 1 Confluence 2018-09-07 4.3 MEDIUM 4.7 MEDIUM
The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml.
CVE-2016-4317 1 Atlassian 1 Confluence 2018-02-16 3.5 LOW 5.4 MEDIUM
Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.
CVE-2017-18083 1 Atlassian 1 Confluence 2018-02-15 3.5 LOW 5.4 MEDIUM
The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of an uploaded file.
CVE-2017-16856 1 Atlassian 1 Confluence 2017-12-19 4.3 MEDIUM 6.1 MEDIUM
The RSS Feed macro in Atlassian Confluence before version 6.5.2 allows remote attackers to inject arbitrary HTML or JavaScript via cross site scripting (XSS) vulnerabilities in various rss properties which were used as links without restriction on their scheme.