l0nax/CVE-2019-15053

Releases0

(FAB-2019-00156) Vulnerability discoverd by me CVE-2019-15053

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-15053 ↗	Aug 14, 2019Wednesday, 14 August 2019, 17:15	—	6 MEDIUM
The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element.