Atlassian Confluence_server
5 CVEs affecting Atlassian Confluence_server. Latest disclosed: 2017-04-27. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-2926 | Critical | 9.1 | 2012-05-22 | Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 be… |
CVE-2017-7415 | High | 7.5 | 2017-04-27 | Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource. |
CVE-2016-6668 | High | 7.5 | 2017-01-23 | The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.2… |
CVE-2012-6342 | | 2014-05-13 | Cross-site request forgery (CSRF) vulnerability in logout.action in Atlassian Confluence 3.4.6 allows remote attackers to hijack the authentication of administ… | |
CVE-2012-2928 | | 2012-05-22 | The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML pars… |