CVE-2021-26072

Summary

The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianConfluence Serverunspecified < 5.8.6affected
AtlassianConfluence Data Centerunspecified < 5.8.6affected

Weaknesses

  • Server Side Request Forgery (SSRF)

ADP Enrichment

CVE Program Container

Additional References

References