Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-29444: [CONFSERVER-61266] Persistent XSS through Team Calendar in Confluence Server - CVE-2020-29444

Affected versions of Team Calendar in Confluence Server before 7.11.0 allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.

CVE
#xss#vulnerability#apple#java

Affected versions of Team Calendar in Confluence Server allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting vulnerability in admin global setting parameters.

Affected versions:

  • < 7.11.0

Fixed version:

  • 7.11.0

This vulnerability is attributed to Stefano Castilletti, a security researcher from Apple.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907