Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: atlassian

Published: 2020-07-01T01:35:29.292383Z

Updated: 2024-09-17T01:56:01.138Z

Reserved: 2019-12-30T00:00:00

Link: CVE-2020-4027

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-07-01T02:15:12.350

Modified: 2024-11-21T05:32:10.850

Link: CVE-2020-4027

cve-icon Redhat

No data.