cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-26138,https://securityvulnerability.io/vulnerability/CVE-2022-26138,,"The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app.",Atlassian,Questions For Confluence,9.8,CRITICAL,0.9696599841117859,true,false,false,true,true,false,false,2022-07-20T00:00:00.000Z,0
CVE-2018-13393,https://securityvulnerability.io/vulnerability/CVE-2018-13393,,"The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability.",Atlassian,Confluence Questions,6.5,MEDIUM,0.0006699999794363976,false,false,false,false,,false,false,2018-08-15T00:00:00.000Z,0
CVE-2018-13394,https://securityvulnerability.io/vulnerability/CVE-2018-13394,,"The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability.",Atlassian,Confluence Questions,6.5,MEDIUM,0.0007800000021234155,false,false,false,false,,false,false,2018-08-15T00:00:00.000Z,0