CVE-2021-26072 vulnerability in Atlassian Products
Published on April 1, 2021

The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability.

NVD

Products Associated with CVE-2021-26072

stack.watch emails you whenever new vulnerabilities are published in Atlassian Confluence or Atlassian Data Center. Just hit a watch button to start following.

Atlassian Confluence

Atlassian Data Center

Affected Versions

Atlassian Confluence Server:

Version unspecified and below 5.8.6 is affected.

Atlassian Confluence Data Center:

Version unspecified and below 5.8.6 is affected.

Exploit Probability

EPSS

21.74%

Percentile

95.67%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-26072 vulnerability in Atlassian ProductsPublished on April 1, 2021

Products Associated with CVE-2021-26072

Affected Versions

Exploit Probability

CVE-2021-26072 vulnerability in Atlassian Products
Published on April 1, 2021