Crowd

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-21569 HIGH This Week

XXE injection in Atlassian Crowd Data Center and Server 7.1.0+ enables authenticated attackers to read local and remote files, significantly compromising confidentiality and availability. The vulnerability requires high privileges to exploit but accepts no user interaction, affecting multiple Crowd versions until patching to 7.1.3 or later. No patch is currently available for all affected versions.

Atlassian Confluence XXE Crowd

NVD VulDB

CVSS 3.0

7.9

EPSS

0.1%

CVE-2026-21569

EPSS 0% CVSS 7.9

HIGH This Week

XXE injection in Atlassian Crowd Data Center and Server 7.1.0+ enables authenticated attackers to read local and remote files, significantly compromising confidentiality and availability. The vulnerability requires high privileges to exploit but accepts no user interaction, affecting multiple Crowd versions until patching to 7.1.3 or later. No patch is currently available for all affected versions.

Atlassian Confluence XXE +1

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy