CVE-2020-4027 is a vulnerability in Atlassian Confluence
Published on July 1, 2020
Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1.
Products Associated with CVE-2020-4027
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-4027 are published in Atlassian Confluence:
Affected Versions
Atlassian Confluence Server:- Version unspecified and below 7.4.5 is affected.
- Version 7.5.0 and below unspecified is affected.
- Version unspecified and below 7.5.1 is affected.
- Version unspecified and below 7.4.5 is affected.
- Version 7.5.0 and below unspecified is affected.
- Version unspecified and below 7.5.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.