Atlassian has released a security update to address a critical vulnerability (CVE-2022-26138) in their Confluence Server and Data Center products.
Successful exploitation of this vulnerability may allow an unauthenticated attacker to log into unpatched Confluence servers and access any non-restricted content.
The following versions of Questions for Confluence app are affected:
- Version 2.7.34
- Version 2.7.35
- Version 3.0.2
Administrators and users who are using affected versions of the products are advised to upgrade to the latest versions immediately.