VYPR

Atlassian Questions For Confluence

by Atlassian

CVEs (3)

  • CVE-2018-13394MedAug 15, 2018
    risk 0.42cvss 6.5epss 0.01

    The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery…

  • CVE-2018-13393MedAug 15, 2018
    risk 0.42cvss 6.5epss 0.01

    The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request…

  • CVE-2022-26138KEVJul 20, 2022
    risk 0.20cvss epss 0.98

    The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded…