CVE-2020-29444

Summary

Affected versions of Team Calendar in Confluence Server before 7.11.0 allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.

Affected Software

VendorProductVersion RangeStatus
AtlassianConfluence Serverunspecified < 7.11.0affected

Weaknesses

  • Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References