admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#710

Browse Source 
Auto-merge PR#710
This commit is contained in:
CVE Team 2021-02-04 00:55:13 -05:00 committed by GitHub
commit 1f80e970b1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
2020/4xxx/CVE-2020-4027.json
View File

@ -15,6 +15,32 @@
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_value": "7.4.5",
"version_affected": "<"
},
{
"version_value": "7.5.0",
"version_affected": ">="
},
{
"version_value": "7.5.1",
"version_affected": "<"
}
]
}
},{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_value": "7.4.5",
"version_affected": "<"
},
{
"version_value": "7.5.0",
"version_affected": ">="
},
{
"version_value": "7.5.1",
"version_affected": "<"
@ -36,7 +62,7 @@
"description_data": [
{
"lang": "eng",
"value": "Atlassian Confluence Server and Data Center before version 7.5.1 allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros."
"value": "Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1."
}
]
},