The host is installed with Confluence Server before 7.4.8 or 7.5 before 7.11.0 and is prone to the server-side request forgery vulnerability.A flaw is present in the application,which fails to handle team calendars parameters.Successful exploitation allows attackers to identify internal hosts and ports.