CNNVD-202601-4841 Information

CNNVD ID

CNNVD-202601-4841

Related CVE

CVE-2026-21569

• CNNVD Published: 2026-01-28

Description (Chinese)

Atlassian Crowd Data Center是澳大利亚Atlassian公司的Crowd的集群部署版。 Atlassian Crowd Data Center 7.1.0及之后版本存在安全漏洞，该漏洞源于XML外部实体注入，可能导致访问本地和远程内容。

Description (English)

Atlas sian Crowd Data Center is a cluster deployment version of Crowd from Atlassian, Australia. There is a security gap in Atlas sian Crowd Data Center 7.1.0 and subsequent versions, which originates from the injection of an external XML entity and may lead to access to local and remote content.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Atlassian

Published

2026-01-28

Last Modified

2026-02-24

References

https://confluence.atlassian.com/pages/viewpage.action?pageId=1712324819 https://jira.atlassian.com/browse/CWD-6453

Patch

https://confluence.atlassian.com/security/security-bulletin-january-20-2026-1712324819.html