CVE-2020-29444
published 2021-05-07CVE-2020-29444: Affected versions of Team Calendar in Confluence Server before 7.11.0 allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
Affected versions of Team Calendar in Confluence Server before 7.11.0 allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | confluence_data_center | < 7.11.0 | 7.11.0 |
| atlassian | confluence_server | < 7.11.0 | 7.11.0 |
| atlassian | confluence_server | >= unspecified < 7.11.0 | 7.11.0 |