cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21703,https://securityvulnerability.io/vulnerability/CVE-2024-21703,Confluence Data Center and Server Vulnerability,"This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of Confluence Data Center and Server for Windows installations. This Security Misconfiguration vulnerability, with a CVSS Score of 6.4 allows an authenticated attacker of the Windows host to read sensitive information about the Confluence Data Center configuration which has high impact to confidentiality, high impact to integrity, high impact to availability, and no user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to the latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: * Confluence Data Center and Server 7.19: Upgrade to a release greater than or equal to 7.19.18 * Confluence Data Center and Server 8.5: Upgrade to a release greater than or equal to 8.5.5 * Confluence Data Center and Server 8.7: Upgrade to a release greater than or equal to 8.7.2 * Confluence Data Center and Server 8.8: Upgrade to a release greater than or equal to 8.8.0 See the release notes (https://confluence.atlassian.com/conf88/confluence-release-notes-1354501008.html ). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives ). This vulnerability was reported via our Atlassian Bug Bounty Program by Chris Elliot.",Atlassian,"Confluence Data Center,Confluence Server",,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-27T17:00:01.507Z,0
CVE-2024-21690,https://securityvulnerability.io/vulnerability/CVE-2024-21690,High Severity Reflected XSS and CSRF Vulnerability Affects Atlassian Confluence Products,"The vulnerability allows unauthenticated attackers to execute arbitrary HTML or JavaScript code in the browser of a victim user. This gained access permits attackers to trigger unwanted actions in web applications where the user is currently authenticated, posing significant risks to user confidentiality. The flaw is linked to certain versions of Atlassian Confluence Data Center and Server, which span across major version releases from 7.19.x to 8.9.x. Users are advised to upgrade to specified fixed versions to mitigate potential exploitation. Refer to the release notes for more detailed guidance on upgrading.",Atlassian,"Confluence Data Center,Confluence Server",7.1,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-08-21T16:05:00.394Z,0
CVE-2024-21686,https://securityvulnerability.io/vulnerability/CVE-2024-21686,Stored XSS Vulnerability in Confluence Data Center and Server by Atlassian,"A stored cross-site scripting (XSS) vulnerability has been identified in Confluence Data Center and Server, affecting versions 7.13 and earlier. This vulnerability allows an authenticated attacker to inject and execute arbitrary HTML or JavaScript code in the context of a victim's browser. The exploitation of this vulnerability poses significant risks to the confidentiality and integrity of user data, necessitating immediate attention from affected users. Atlassian advises all customers running vulnerable versions to upgrade to the latest version. For users unable to upgrade, migrating to one of the specified fixed versions is strongly recommended. More details and release notes can be found in Atlassian's documentation.",Atlassian,"Confluence Data Center,Confluence Server",7.3,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-07-16T20:15:00.000Z,0
CVE-2024-21673,https://securityvulnerability.io/vulnerability/CVE-2024-21673,Remote Code Execution Vulnerability in Confluence Data Center and Server by Atlassian,"A notable Remote Code Execution (RCE) vulnerability has been identified in Atlassian's Confluence Data Center and Server, originating from versions 7.13.0 and onwards. This vulnerability allows authenticated attackers to execute arbitrary code remotely, leading to severe risks regarding the confidentiality, integrity, and availability of the affected systems. Notably, the intrusion does not necessitate user interaction, which heightens the risk of unauthorized access to sensitive assets. To mitigate these risks, users are strongly advised to upgrade to the latest supported versions of Confluence, namely 7.19.18 or higher for the 7.19 series, 8.5.5 or higher for the 8.5 series, and 8.7.2 or higher for the 8.7 series. Further details can be found in the Atlassian release notes.",Atlassian,"Confluence Data Center,Confluence Server",8,HIGH,0.0015200000489130616,false,false,false,false,,false,false,2024-01-16T05:00:00.724Z,0
CVE-2024-21672,https://securityvulnerability.io/vulnerability/CVE-2024-21672,Remote Code Execution Vulnerability in Atlassian Confluence Data Center and Server,"A remote code execution vulnerability exists within Atlassian Confluence Data Center and Server, initially introduced in version 2.1.0. This flaw permits an unauthenticated attacker to exploit exposed assets in the affected environment, posing significant risks to confidentiality, integrity, and availability. The vulnerability necessitates user interaction to trigger the exploit, emphasizing the importance of prompt action. Atlassian recommends upgrading to the latest version or specific supported fixed versions for enhanced security. Users of the Confluence Data Center and Server should prioritize these upgrades to mitigate potential security risks.",Atlassian,"Confluence Data Center,Confluence Server",8.3,HIGH,0.0019000000320374966,false,false,false,true,true,false,false,2024-01-16T05:00:00.703Z,0
CVE-2023-22527,https://securityvulnerability.io/vulnerability/CVE-2023-22527,Unauthorized Remote Code Execution Vulnerability Affects Older Versions of Confluence,"A template injection vulnerability exists in older versions of Confluence Data Center and Server, allowing unauthenticated attackers to execute remote code on affected instances. This vulnerability underscores the necessity for users to upgrade to the most recent supported versions, which have been patched against such vulnerabilities. Atlassian has strongly advised customers to promptly apply security updates as outlined in their January Security Bulletin to protect against potential threats. Maintaining an up-to-date environment is crucial to ensure system integrity and safeguard against emerging security risks.",Atlassian,"Confluence Data Center,Confluence Server",9.8,CRITICAL,0.9722899794578552,true,true,true,true,true,true,true,2024-01-16T05:00:00.692Z,19235
CVE-2024-21674,https://securityvulnerability.io/vulnerability/CVE-2024-21674,Remote Code Execution Vulnerability in Confluence Data Center and Server by Atlassian,"A Remote Code Execution vulnerability exists within Atlassian's Confluence Data Center and Server, introduced in version 7.13.0. This flaw enables unauthenticated attackers to execute arbitrary code, potentially exposing sensitive assets within a user's environment. The vulnerability predominantly affects confidentiality, leaving integrity and availability intact, and does not require any user interaction for exploitation. To mitigate risks associated with CVE-2024-21674, it is crucial for users to upgrade to specific versions as recommended by Atlassian, ensuring their systems are safeguarded against potential threats.",Atlassian,"Confluence Data Center,Confluence Server",7.5,HIGH,0.0017800000496208668,false,false,false,false,,false,false,2024-01-16T05:00:00.639Z,0
CVE-2023-22522,https://securityvulnerability.io/vulnerability/CVE-2023-22522,Template Injection Vulnerability in Atlassian Confluence Server and Data Center,"A Template Injection vulnerability exists in Atlassian Confluence which allows an authenticated user, even with anonymous access, to inject harmful user input into Confluence pages. This can lead to Remote Code Execution (RCE), putting affected instances at risk. Notably, Confluence Data Center and Server versions are susceptible, while Atlassian Cloud sites are not impacted by this issue. Administrators should evaluate their environments and apply the necessary patches as per the provided advisory for enhanced security.",Atlassian,"Confluence Data Center,Confluence Server",9,CRITICAL,0.0020000000949949026,false,true,false,true,,false,false,2023-12-06T05:15:00.000Z,0
CVE-2023-22518,https://securityvulnerability.io/vulnerability/CVE-2023-22518,"Unexploited Vulnerability Affects Confluence Data Center and Server, Leading to Full Loss of Confidentiality, Integrity, and Availability","A significant vulnerability affecting all versions of Atlassian Confluence Data Center and Server allows unauthenticated attackers to exploit an improper authorization flaw. This vulnerability enables the creation of a Confluence instance administrator account, granting unauthorized users extensive administrative privileges. Once access is obtained, attackers can execute a variety of administrative actions within the affected system. The implications of this vulnerability are severe, potentially resulting in a complete compromise of confidentiality, integrity, and availability of the Confluence environment. It is crucial to note that sites hosted on atlassian.net are not affected by this risk.",Atlassian,"Confluence Data Center,Confluence Server",9.8,CRITICAL,0.9694100022315979,true,true,true,true,true,false,false,2023-10-31T15:15:00.000Z,0
CVE-2023-22515,https://securityvulnerability.io/vulnerability/CVE-2023-22515,"Unknown Vulnerability Affects Confluence instances, External Attackers May Create Unauthorized Admin Accounts","Atlassian has identified a vulnerability in its Confluence Data Center and Server products that allows external attackers to create unauthorized administrator accounts. This issue could enable malicious actors to gain unrestricted access to Confluence instances that are publicly accessible. It is important to note that Confluence Cloud sites, hosted under an atlassian.net domain, remain unaffected by this vulnerability. Organizations using the affected versions should address this security risk promptly to safeguard their data.",Atlassian,"Confluence Data Center,Confluence Server",9.8,CRITICAL,0.969730019569397,true,true,true,true,true,false,false,2023-10-04T14:15:00.000Z,0
CVE-2023-22508,https://securityvulnerability.io/vulnerability/CVE-2023-22508,Remote Code Execution Vulnerability in Atlassian Confluence Data Center & Server,"A remote code execution vulnerability in Atlassian Confluence Data Center & Server allows authenticated attackers to execute arbitrary code without user interaction. To mitigate the risk, upgrading to versions 8.2.0 or higher, or specific LTS releases is strongly recommended. If immediate upgrade is not feasible, alternative workarounds are available to disable the JMX network port. This vulnerability, discovered through Atlassian's Bug Bounty program, poses significant risks to the confidentiality, integrity, and availability of affected systems.",Atlassian,"Confluence Data Center,Confluence Server",8.8,HIGH,0.0012700000079348683,false,false,false,false,,false,false,2023-07-18T23:15:00.000Z,0
CVE-2023-22505,https://securityvulnerability.io/vulnerability/CVE-2023-22505,RCE Vulnerability in Confluence Data Center & Server by Atlassian,"A Remote Code Execution vulnerability has been identified in versions of Confluence Data Center & Server starting from 8.0.0. This flaw enables an authenticated attacker to run arbitrary code without user interaction, potentially compromising confidentiality, integrity, and availability of the system. Atlassian strongly advises users to upgrade to the latest version to mitigate risks associated with this vulnerability. If immediate upgrading is not feasible, users should update to fixed versions 8.3.2 or 8.4.0 as detailed in the official release notes.",Atlassian,"Confluence Data Center,Confluence Server",8,HIGH,0.0012700000079348683,false,false,false,false,,false,false,2023-07-18T21:15:00.000Z,0
CVE-2023-22504,https://securityvulnerability.io/vulnerability/CVE-2023-22504,,"Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature.",Atlassian,"Confluence Data Center,Confluence Server",4.3,MEDIUM,0.0008099999977275729,false,false,false,false,,false,false,2023-05-25T14:15:00.000Z,0
CVE-2023-22503,https://securityvulnerability.io/vulnerability/CVE-2023-22503,,"Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. This occurs via an Information Disclosure vulnerability in the macro preview feature. This vulnerability was reported by Rojan Rijal of the Tinder Security Engineering team. The affected versions are before version 7.13.15, from version 7.14.0 before 7.19.7, and from version 7.20.0 before 8.2.0.",Atlassian,"Confluence Data Center,Confluence Server",5.3,MEDIUM,0.0010100000072270632,false,false,false,false,,false,false,2023-05-01T17:15:00.000Z,0
CVE-2020-36290,https://securityvulnerability.io/vulnerability/CVE-2020-36290,,"The Livesearch macro in Confluence Server and Data Center before version 7.4.5, from version 7.5.0 before 7.6.3, and from version 7.7.0 before version 7.7.4 allows remote attackers with permission to edit a page or blog to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the page excerpt functionality.",Atlassian,"Confluence Server,Confluence Data Center",5.4,MEDIUM,0.0006600000197067857,false,false,false,false,,false,false,2022-07-26T00:00:00.000Z,0
CVE-2022-26137,https://securityvulnerability.io/vulnerability/CVE-2022-26137,,"A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this vulnerability: Cross-origin resource sharing (CORS) bypass. Sending a specially crafted HTTP request can invoke the Servlet Filter used to respond to CORS requests, resulting in a CORS bypass. An attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victim’s permissions. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4.",Atlassian,"Bamboo Server,Bamboo Data Center,Bitbucket Server,Bitbucket Data Center,Confluence Server,Confluence Data Center,Crowd Server,Crowd Data Center,Crucible,Fisheye,Jira Core Server,Jira Software Server,Jira Software Data Center,Jira Service Management Server,Jira Service Management Data Center",8.8,HIGH,0.0032999999821186066,false,false,false,false,,false,false,2022-07-20T00:00:00.000Z,0
CVE-2022-26136,https://securityvulnerability.io/vulnerability/CVE-2022-26136,,"A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in authentication bypass and cross-site scripting. Atlassian has released updates that fix the root cause of this vulnerability, but has not exhaustively enumerated all potential consequences of this vulnerability. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4.",Atlassian,"Bamboo Server,Bamboo Data Center,Bitbucket Server,Bitbucket Data Center,Confluence Server,Confluence Data Center,Crowd Server,Crowd Data Center,Crucible,Fisheye,Jira Core Server,Jira Software Server,Jira Software Data Center,Jira Service Management Server,Jira Service Management Data Center",9.8,CRITICAL,0.007739999797195196,false,false,false,false,,false,false,2022-07-20T00:00:00.000Z,0
CVE-2022-26134,https://securityvulnerability.io/vulnerability/CVE-2022-26134,,"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.",Atlassian,"Confluence Data Center,Confluence Server",9.8,CRITICAL,0.973800003528595,true,false,true,true,true,false,false,2022-06-03T22:15:00.000Z,0
CVE-2021-39114,https://securityvulnerability.io/vulnerability/CVE-2021-39114,,"Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account on a Confluence Data Center instance to execute arbitrary Java code or run arbitrary system commands by injecting an OGNL payload. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.",Atlassian,"Confluence Server,Confluence Data Center",8.8,HIGH,0.0009800000116229057,false,false,false,false,,false,false,2022-04-05T04:15:00.000Z,0
CVE-2021-43940,https://securityvulnerability.io/vulnerability/CVE-2021-43940,,"Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.",Atlassian,"Confluence Server,Confluence Data Center",7.8,HIGH,0.000590000010561198,false,false,false,false,,false,false,2022-02-15T04:15:00.000Z,0
CVE-2021-26084,https://securityvulnerability.io/vulnerability/CVE-2021-26084,,"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.",Atlassian,"Confluence Server,Confluence Data Center",9.8,CRITICAL,0.9678500294685364,true,false,true,true,true,false,false,2021-08-30T07:15:00.000Z,0
CVE-2021-26085,https://securityvulnerability.io/vulnerability/CVE-2021-26085,,"Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.",Atlassian,"Confluence Server,Confluence Data Center",5.3,MEDIUM,0.9602599740028381,true,false,true,true,true,false,false,2021-08-03T00:15:00.000Z,0
CVE-2020-29445,https://securityvulnerability.io/vulnerability/CVE-2020-29445,,"Affected versions of Confluence Server before 7.4.8, and versions from 7.5.0 before 7.11.0 allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters.",Atlassian,Confluence Server,4.3,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2021-05-07T06:15:00.000Z,0
CVE-2020-29444,https://securityvulnerability.io/vulnerability/CVE-2020-29444,,Affected versions of Team Calendar in Confluence Server before 7.11.0 allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.,Atlassian,Confluence Server,5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2021-05-07T06:15:00.000Z,0
CVE-2021-26072,https://securityvulnerability.io/vulnerability/CVE-2021-26072,,The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.,Atlassian,"Confluence Server,Confluence Data Center",4.3,MEDIUM,0.0008200000156648457,false,false,false,false,,false,false,2021-04-01T00:00:00.000Z,0