Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/CONFSERVER-59898 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2020-07-01T01:35:29.292383Z
Updated: 2024-09-17T01:56:01.138Z
Reserved: 2019-12-30T00:00:00
Link: CVE-2020-4027
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-07-01T02:15:12.350
Modified: 2024-11-21T05:32:10.850
Link: CVE-2020-4027
Redhat
No data.