CVE-2021-26072 vulnerability in Atlassian Products
Published on April 1, 2021

The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.

NVD

Products Associated with CVE-2021-26072

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-26072 are published in these products:

Atlassian Confluence

Atlassian Data Center

Affected Versions

Atlassian Confluence Server:

Version unspecified and below 5.8.6 is affected.

Atlassian Confluence Data Center:

Version unspecified and below 5.8.6 is affected.

Exploit Probability

EPSS

18.13%

Percentile

95.04%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-26072 vulnerability in Atlassian ProductsPublished on April 1, 2021

Products Associated with CVE-2021-26072

Affected Versions

Exploit Probability

CVE-2021-26072 vulnerability in Atlassian Products
Published on April 1, 2021