CVE-2019-3396

URI: https://gptkb.org/entity/CVE-2019-3396

GPTKB entity

Predicate	Object
gptkbp:instanceOf	gptkb:security
gptkbp:affects	gptkb:Atlassian_Confluence
gptkbp:citation	https://www.atlassian.com/trust/security/advisories/cve-2019-3396 https://jira.atlassian.com/browse/CONFSERVER-57974 https://nvd.nist.gov/vuln/detail/CVE-2019-3396
gptkbp:describes	Server-Side Template Injection vulnerability in Atlassian Confluence Widget Connector.
gptkbp:exploits	Yes
gptkbp:hasCVSSScore	9.8
gptkbp:hasCWE	gptkb:CWE-94
gptkbp:hasSeverity	Critical
gptkbp:impact	Remote Code Execution
gptkbp:patchedBy	Confluence 6.12.3 Confluence 6.13.3 Confluence 6.15.2 Confluence 6.6.12
gptkbp:publicationDate	2019-04-17
gptkbp:vectorFor	gptkb:network_protocol
gptkbp:vulnerableTo	gptkb:CVE-2019-3396 Widget Connector macro
gptkbp:bfsParent	gptkb:APT3
gptkbp:bfsLayer	7
https://www.w3.org/2000/01/rdf-schema#label	CVE-2019-3396