Atlassian: >> Html Include And Replace Macro Security Vulnerabilities
The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element.
CVSS Score
6.8
EPSS Score
0.018
Published
2019-08-14