exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2024-21678

больше 1 года назад

This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center. This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction. Data Center Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions: ||Affected versions||Fixed versions|| |from 8.7.0 to 8.7.1|8.8.0 recommended or 8.7.2| |from 8.6.0 to 8.6.1|8.8.0 recommended| |from 8.5.0 to 8.5.4 LTS|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS| |from 8.4.0 to 8.4.5|8.8.0 recommended or 8.5.6 LTS| |from 8.3.0 to 8.3.4|8.8.0 recommended or 8.5.6 LTS| |from 8.2.0 to 8.2.3|8.8.0 recommended or 8.5.6 LTS| |from 8.1.0 to 8.1.4|8.8.0 recommended o

CVSS3: 8.5

EPSS: Низкий

GHSA-hvfx-qp2c-x42h

больше 1 года назад

This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center. This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction. Data Center Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions: ||Affected versions||Fixed versions|| |from 8.7.0 to 8.7.1|8.8.0 recommended or 8.7.2| |from 8.6.0 to 8.6.1|8.8.0 recommended| |from 8.5.0 to 8.5.4 LTS|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS| |from 8.4.0 to 8.4.5|8.8.0 recommended or 8.5.6 LTS| |from 8.3.0 to 8.3.4|8.8.0 recommended or 8.5.6 LTS| |from 8.2.0 to 8.2.3|8.8.0 recommended or 8.5.6 LTS| |from 8.1.0 to 8.1.4|8.8.0 recommended or 8.5.6 LT...

CVSS3: 8.5

EPSS: Низкий

BDU:2024-01509

больше 1 года назад

Уязвимость веб-сервера Atlassian Confluence Server и дата центра Confluence Data Center, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю выполнить произвольный код

CVSS3: 8.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-21678 This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center. This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction. Data Center Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions: \|\|Affected versions\|\|Fixed versions\|\| \|from 8.7.0 to 8.7.1\|8.8.0 recommended or 8.7.2\| \|from 8.6.0 to 8.6.1\|8.8.0 recommended\| \|from 8.5.0 to 8.5.4 LTS\|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS\| \|from 8.4.0 to 8.4.5\|8.8.0 recommended or 8.5.6 LTS\| \|from 8.3.0 to 8.3.4\|8.8.0 recommended or 8.5.6 LTS\| \|from 8.2.0 to 8.2.3\|8.8.0 recommended or 8.5.6 LTS\| \|from 8.1.0 to 8.1.4\|8.8.0 recommended o	CVSS3: 8.5	1% Низкий	больше 1 года назад
GHSA-hvfx-qp2c-x42h This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center. This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction. Data Center Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions: \|\|Affected versions\|\|Fixed versions\|\| \|from 8.7.0 to 8.7.1\|8.8.0 recommended or 8.7.2\| \|from 8.6.0 to 8.6.1\|8.8.0 recommended\| \|from 8.5.0 to 8.5.4 LTS\|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS\| \|from 8.4.0 to 8.4.5\|8.8.0 recommended or 8.5.6 LTS\| \|from 8.3.0 to 8.3.4\|8.8.0 recommended or 8.5.6 LTS\| \|from 8.2.0 to 8.2.3\|8.8.0 recommended or 8.5.6 LTS\| \|from 8.1.0 to 8.1.4\|8.8.0 recommended or 8.5.6 LT...	CVSS3: 8.5	1% Низкий	больше 1 года назад
BDU:2024-01509 Уязвимость веб-сервера Atlassian Confluence Server и дата центра Confluence Data Center, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю выполнить произвольный код	CVSS3: 8.5	1% Низкий	больше 1 года назад

Уязвимостей на страницу