CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-13393

The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

Products affected by CVE-2018-13393

Atlassian » Questions For Confluence » Version: 1.0.197

cpe:2.3:a:atlassian:questions_for_confluence:1.0.197
Atlassian » Questions For Confluence » Version: 1.0.210

cpe:2.3:a:atlassian:questions_for_confluence:1.0.210
Atlassian » Questions For Confluence » Version: 1.0.227

cpe:2.3:a:atlassian:questions_for_confluence:1.0.227
Atlassian » Questions For Confluence » Version: 1.0.239

cpe:2.3:a:atlassian:questions_for_confluence:1.0.239
Atlassian » Questions For Confluence » Version: 1.0.267

cpe:2.3:a:atlassian:questions_for_confluence:1.0.267
Atlassian » Questions For Confluence » Version: 1.0.294

cpe:2.3:a:atlassian:questions_for_confluence:1.0.294
Atlassian » Questions For Confluence » Version: 1.0.312

cpe:2.3:a:atlassian:questions_for_confluence:1.0.312
Atlassian » Questions For Confluence » Version: 1.0.319

cpe:2.3:a:atlassian:questions_for_confluence:1.0.319
Atlassian » Questions For Confluence » Version: 1.0.387

cpe:2.3:a:atlassian:questions_for_confluence:1.0.387
Atlassian » Questions For Confluence » Version: 1.0.408

cpe:2.3:a:atlassian:questions_for_confluence:1.0.408
Atlassian » Questions For Confluence » Version: 1.0.411

cpe:2.3:a:atlassian:questions_for_confluence:1.0.411
Atlassian » Questions For Confluence » Version: 1.0.420

cpe:2.3:a:atlassian:questions_for_confluence:1.0.420
Atlassian » Questions For Confluence » Version: 1.0.440

cpe:2.3:a:atlassian:questions_for_confluence:1.0.440
Atlassian » Questions For Confluence » Version: 1.0.448

cpe:2.3:a:atlassian:questions_for_confluence:1.0.448
Atlassian » Questions For Confluence » Version: 1.0.469

cpe:2.3:a:atlassian:questions_for_confluence:1.0.469
Atlassian » Questions For Confluence » Version: 1.0.618

cpe:2.3:a:atlassian:questions_for_confluence:1.0.618
Atlassian » Questions For Confluence » Version: 1.1.0

cpe:2.3:a:atlassian:questions_for_confluence:1.1.0
Atlassian » Questions For Confluence » Version: 1.1.43

cpe:2.3:a:atlassian:questions_for_confluence:1.1.43
Atlassian » Questions For Confluence » Version: 1.1.47

cpe:2.3:a:atlassian:questions_for_confluence:1.1.47
Atlassian » Questions For Confluence » Version: 2.0.10

cpe:2.3:a:atlassian:questions_for_confluence:2.0.10
Atlassian » Questions For Confluence » Version: 2.1.3

cpe:2.3:a:atlassian:questions_for_confluence:2.1.3
Atlassian » Questions For Confluence » Version: 2.1.4

cpe:2.3:a:atlassian:questions_for_confluence:2.1.4
Atlassian » Questions For Confluence » Version: 2.1.5

cpe:2.3:a:atlassian:questions_for_confluence:2.1.5
Atlassian » Questions For Confluence » Version: 2.2.0

cpe:2.3:a:atlassian:questions_for_confluence:2.2.0
Atlassian » Questions For Confluence » Version: 2.3.0

cpe:2.3:a:atlassian:questions_for_confluence:2.3.0
Atlassian » Questions For Confluence » Version: 2.3.4

cpe:2.3:a:atlassian:questions_for_confluence:2.3.4
Atlassian » Questions For Confluence » Version: 2.4.10

cpe:2.3:a:atlassian:questions_for_confluence:2.4.10
Atlassian » Questions For Confluence » Version: 2.4.11

cpe:2.3:a:atlassian:questions_for_confluence:2.4.11
Atlassian » Questions For Confluence » Version: 2.4.15

cpe:2.3:a:atlassian:questions_for_confluence:2.4.15
Atlassian » Questions For Confluence » Version: 2.4.19

cpe:2.3:a:atlassian:questions_for_confluence:2.4.19
Atlassian » Questions For Confluence » Version: 2.4.2

cpe:2.3:a:atlassian:questions_for_confluence:2.4.2
Atlassian » Questions For Confluence » Version: 2.4.22

cpe:2.3:a:atlassian:questions_for_confluence:2.4.22
Atlassian » Questions For Confluence » Version: 2.4.4

cpe:2.3:a:atlassian:questions_for_confluence:2.4.4
Atlassian » Questions For Confluence » Version: 2.5.2

cpe:2.3:a:atlassian:questions_for_confluence:2.5.2
Atlassian » Questions For Confluence » Version: 2.5.4

cpe:2.3:a:atlassian:questions_for_confluence:2.5.4
Atlassian » Questions For Confluence » Version: 2.5.5

cpe:2.3:a:atlassian:questions_for_confluence:2.5.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-13393

Products

Pricing

Contact Us