CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-35121

An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://bitbucket.org/keysight/keysight-plugins-for-atlassian-products/wiki/Confluence%20Plugins/Database%20Plugin
https://bitbucket.org/keysight/keysight-plugins-for-atlassian-products/wiki/Confluence%20Plugins/Database%20Plugin

Products affected by CVE-2020-35121

Keysight » Database Connector » Version: N/A

cpe:2.3:a:keysight:database_connector:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35121

Products

Pricing

Contact Us