QID 731000

Atlassian Confluence is team collaboration software written in Java.

This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page
Affected version:
Confluence data center and server:6.13.x,6.14.x,6.15.x,7.0.x,7.1.x,7.2.x,7.3.x,7.4.x,7.5.x,,7.6.x,7.7.x,7.8.x,7.9.x,7.10.x,7.11.x,7.12.x,7.13.0,7.13.1,7.13.2,7.13.3,7.13.4,7.13.5,7.13.6,7.13.7,7.13.8,7.13.9,7.13.10,7.13.11,7.13.12,7.13.13,7.13.14,7.13.15,7.13.16,7.13.17,7.14.x,7.15.x,7.16.x,7.17.x,7.18.x,7.19.0,7.19.1,7.19.2,7.19.3,7.19.4,7.19.5,7.19.6,7.19.7,7.19.8,7.19.9,7.20.x,8.0.x,8.1.x,8.2.x,8.3.0

QID Detection Logic:(Unauthenticated)
It checks for vulnerable version of Atlassian Confluence Server.

Successful exploitation of this vulnerability could lead to a security breach or could affect confidentiality, integrity, and availability.