CVE-2022-26138

⚠ KEVEPSS 94.3%

Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability

Added to CISA KEV: 7/29/2022

Description

Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.

Affected packages (0)

No package mapping in OSV.