Vulnerability in Atlassian Confluence
CVE-2017-18084
The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the description of a macro.
EPSS: 0.001 (31.9th percentile) — read the EPSS interpretation.
Affected products
- Atlassian Confluence — versions prior to 6.3.4
References
- jira.atlassian.com/browse/CONFSERVER-54904 (x_refsource_CONFIRM)
- 103064 (vdb-entry, x_refsource_BID)