Vulnerabilities > Atlassian > Confluence Data Center > 7.4.10

DATE CVE VULNERABILITY TITLE RISK
2022-06-03 CVE-2022-26134 Expression Language Injection vulnerability in Atlassian Confluence Data Center
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance.
network
low complexity
atlassian CWE-917
critical
 9.8
9.8
2022-04-05 CVE-2021-39114 Code Injection vulnerability in Atlassian Confluence Data Center and Confluence Server
Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account on a Confluence Data Center instance to execute arbitrary Java code or run arbitrary system commands by injecting an OGNL payload.
network
low complexity
atlassian CWE-94
8.8
8.8
2021-08-30 CVE-2021-26084 Expression Language Injection vulnerability in Atlassian Confluence Data Center and Confluence Server
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance.
network
low complexity
atlassian CWE-917
critical
 9.8
9.8
2021-05-07 CVE-2020-29444 Cross-site Scripting vulnerability in Atlassian Confluence Server
Affected versions of Team Calendar in Confluence Server before 7.11.0 allow attackers to inject arbitrary HTML or Javascript via a Cross Site Scripting Vulnerability in admin global setting parameters.
network
low complexity
atlassian CWE-79
5.4
5.4