Cross site scripting vulnerability in Atlassian confluence - CVE-2020-29444 (linux)ID: oval:org.secpod.oval:def:74414 | Date: (C)2021-08-18 (M)2023-05-30 |
Class: VULNERABILITY | Family: unix |
The host is installed with Confluence Server before 7.11.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle admin global setting parameters. Successful exploitation allows attackers to inject arbitrary HTML or javascript.
Product: |
Atlassian Confluence Server |