Vulnerabilities > Atlassian > Questions FOR Confluence > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-07-20 CVE-2022-26138 Use of Hard-coded Credentials vulnerability in Atlassian Questions for Confluence 2.7.34/2.7.35/3.0.2
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password.
network
low complexity
atlassian CWE-798
critical
 9.8
9.8