The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.
2021-04-01T19:15:13.623
2024-11-21T05:55:48.897
Modified
CVSSv3.1: 4.3 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | atlassian | confluence_data_center | < 5.8.6 | Yes |
Application | atlassian | confluence_server | < 5.8.6 | Yes |