Threat Advisories - NVD Disclosed July 20, 2022

CVE-2022-26138

Atlassian Questions for Confluence Hard-Coded Credentials Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in the Atlassian Questions for Confluence app allows an unauthenticated attacker to access Confluence content with the privileges of the `confluence-users` group. This poses a risk of unauthorized data exposure.

NVD published: July 20, 2022 • CISA KEV