virus logo Endpoint Vulnerability

Atlassian Confluence Server CVE-2024-21686 Cross Site Scripting Vulnerability

description-logoDescription

Stored XSS in Confluence Data Center and Server allows authenticated attackers to run arbitrary HTML/JavaScript, compromising confidentiality and integrity.

affected-products-logoAffected Applications

Confluence Server

Version Updates

Date Version Status Detail
2026-04-05 1.00970
New
 Confluence Server
2025-02-14 1.00819
New
 Confluence Server

References

https://jira.atlassian.com/projects/CONFSERVER/issues/
ID 84070
Created Apr 05, 2026
Description
Updated		 Apr 05, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Atlassian
Patch manual
Application Confluence Server