Unrated severityCISA KEVNVD Advisory· Published Aug 3, 2021· Updated Oct 21, 2025
CVE-2021-26085
CVE-2021-26085
Description
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.
Affected products
2- Atlassian/Confluence Data Centerv5Range: unspecified
- Atlassian/Confluence Serverv5Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.htmlmitrex_refsource_MISC
- jira.atlassian.com/browse/CONFSERVER-67893mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.