-
Type:
Public Security Vulnerability
-
Resolution: Fixed
-
Priority:
Low
-
Affects Version/s: 7.4.6
-
Component/s: None
-
4.3
-
Medium
-
CVE-2020-29445
Affected versions of Confluence Server allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters.
Affected versions:
- < 7.11.0
Fixed versions:
- 7.11.0
- 7.4.8 (LTS)
This vulnerability is attributed to Stefano Castilletti, a security researcher at Apple.