CVE-2022-26138: Atlassian Questions For Confluence App Hard-coded
Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability. Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.
- CISA KEV-listed (remediation due 2022-08-19)
- EPSS 94.3% (100.0% percentile)