Critical Vulnerability in Atlassian's Confluence Server and Confluence Data Center

Published on 21 Jul 2022

Updated on 21 Jul 2022

Atlassian has released a security update to address a critical vulnerability (CVE-2022-26138) in their Confluence Server and Data Center products.

Successful exploitation of this vulnerability may allow an unauthenticated attacker to log into unpatched Confluence servers and access any non-restricted content.

The following versions of Questions for Confluence app are affected:

  • Version 2.7.34
  • Version 2.7.35
  • Version 3.0.2


Administrators and users who are using affected versions of the products are advised to upgrade to the latest versions immediately.