Vulnerability in Atlassian Confluence
CVE-2018-13389
The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml.
EPSS: 0.002 (36.4th percentile) — read the EPSS interpretation.
Affected products
- Atlassian Confluence — versions unspecified
References
- jira.atlassian.com/browse/CONFSERVER-54906 (x_refsource_CONFIRM)
- 104755 (vdb-entry, x_refsource_BID)