CVE-2020-14175 vulnerability in Atlassian Products
Published on July 24, 2020

Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in user macro parameters. The affected versions are before version 7.4.2, and from version 7.5.0 before 7.5.2.

NVD

Products Associated with CVE-2020-14175

Want to know whenever a new CVE is published for Atlassian products? stack.watch will email you.

Atlassian Confluence

Atlassian Data Center

Atlassian Jira

Affected Versions

Atlassian Confluence Server:

Version unspecified and below 7.4.2 is affected.
Version 7.5.0 and below unspecified is affected.
Version unspecified and below 7.5.2 is affected.

Exploit Probability

EPSS

0.28%

Percentile

51.03%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-14175 vulnerability in Atlassian ProductsPublished on July 24, 2020

Products Associated with CVE-2020-14175

Affected Versions

Exploit Probability

CVE-2020-14175 vulnerability in Atlassian Products
Published on July 24, 2020