Skip to main content

Questions For Confluence

3 CVEs product

Monthly

CVE-2022-26138 CRITICAL POC KEV PATCH THREAT Act Now

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Atlassian Questions For Confluence
NVD
CVSS 3.1
9.8
EPSS
98.2%
CVE-2018-13394 MEDIUM This Month

The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Atlassian Questions For Confluence
NVD
CVSS 3.0
6.5
EPSS
0.8%
CVE-2018-13393 MEDIUM This Month

The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Atlassian Questions For Confluence
NVD
CVSS 3.0
6.5
EPSS
0.8%
EPSS 98% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Atlassian Questions For Confluence
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Atlassian Questions For Confluence
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Atlassian Questions For Confluence
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy