Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center.
The flaw, tracked as CVE-2022-26138, arises when the app in question is enabled on either of two services, causing it to create a Confluence user account with the username “
This article has been indexed from The Hacker News – Most Trusted Cyber Security and Computer Security Analysis
Read the original article: