Vulnerabilities > CVE-2021-26072 - Server-Side Request Forgery (SSRF) vulnerability in Atlassian Confluence Data Center and Confluence Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |