← Back

Gliffy

gliffy

Vendor: Gliffy • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-2928
2Atlassian
Gliffy
3Confluence Server
GliffyJira
Apr 29, 2026
May 22, 2012
N/A· v4
N/A· v3
6.4 MEDIUM· v2
The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or...Show more
The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.Show less