Loading...

Log In
Published

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: TC-6.1.8, TC-7.0.7, 7.11.0
Affects Version/s: 7.4.4, 7.9.0
Component/s: None
Labels:

CVSS Score:
5.4
CVSS Severity:
Medium
CVE ID:
CVE-2020-29444

Affected versions of Team Calendar in Confluence Server allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting vulnerability in admin global setting parameters.

Affected versions:

< 7.11.0

Fixed version:

7.11.0

This vulnerability is attributed to Stefano Castilletti, a security researcher from Apple.

mentioned in: Page Loading...

Assignee:: Unassigned
Reporter:: Security Metrics Bot
Votes:: 0 Vote for this issue
Watchers:: 9 Start watching this issue

Created:: 22/Feb/2021 4:54 AM
Updated:: 21/Feb/2023 3:40 PM
Resolved:: 07/May/2021 6:01 AM

Details

Description

Affected versions:

Fixed version:

Attachments

Issue Links

Activity

People

Dates