Learn about CVE-2020-24898, which affects the Table Filter and Charts for Confluence Server app. Discover the impact, technical details, and mitigation steps for this SSRF vulnerability.
The Table Filter and Charts for Confluence Server app before 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter).
Understanding CVE-2020-24898
This CVE covers a vulnerability in the Table Filter and Charts for Confluence Server app that can be exploited for Server-Side Request Forgery (SSRF) attacks.
What is CVE-2020-24898?
CVE-2020-24898 is a security vulnerability in the Table Filter and Charts for Confluence Server app that enables Server-Side Request Forgery (SSRF) through the "Table from CSV" macro using the URL parameter.
The Impact of CVE-2020-24898
The vulnerability has a CVSS base score of 7.6, indicating a high severity level. It can lead to unauthorized access to sensitive data due to the SSRF capability.
Technical Details of CVE-2020-24898
This section describes the vulnerability and the app versions it applies to.
Vulnerability Description
The Table Filter and Charts for Confluence Server app before version 5.3.26 allows SSRF attacks via the "Table from CSV" macro, posing a risk to the security of Atlassian Confluence instances.
Affected Systems and Versions
Exploitation Mechanism
Mitigation and Prevention
Protecting systems from CVE-2020-24898 requires both immediate action and long-term security practices.
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates