Vulnerabilities > CVE-2020-35121 - Unspecified vulnerability in Keysight Database Connector

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

keysight

NVD

Published: 2020-12-15

Updated: 2021-07-21

Summary

An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro.

Vulnerable Configurations

Part	Description	Count
Application	Keysight Keysight Database Connector -	1

References

https://bitbucket.org/keysight/keysight-plugins-for-atlassian-products/wiki/Confluence%20Plugins/Database%20Plugin