An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro.
CPE | Name | Operator | Version |
---|---|---|---|
database_connector | lt | 1.5.0 |