PT-2020-15853 · Atlassian · Table Filter/Charts For Confluence Server
Published
2020-08-29
·
Updated
2020-09-04
·
CVE-2020-24898
CVSS v3.1
7.6
High
| Vector | AC:L/AV:N/A:L/C:H/I:L/PR:L/S:U/UI:N |
Name of the Vulnerable Software and Affected Versions
Table Filter and Charts for Confluence Server versions prior to 5.3.26
Description
The issue allows for Server-Side Request Forgery (SSRF) via the "Table from CSV" macro, specifically through a URL parameter.
Recommendations
For versions prior to 5.3.26, update to version 5.3.26 or later to resolve the issue.
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Table Filter/Charts For Confluence Server