An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro.
References
Link | Resource |
---|---|
https://bitbucket.org/keysight/keysight-plugins-for-atlassian-products/wiki/Confluence%20Plugins/Database%20Plugin | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-12-15 23:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-35121
Mitre link : CVE-2020-35121
CVE.ORG link : CVE-2020-35121
JSON object : View
Products Affected
keysight
- database_connector
CWE