Confluence Vulnerabilities: accessing at security files
Description
Two instances of Insecure Direct Object Reference were found in Confluence that allow any authenticated user to read configuration files from the application.
Default configuration
Profiles     High   Medium  Low    Internet
Action       Block  Block   Block  Block
Alarm Level  Major  Minor   Minor  Minor
References
URL: https://packetstormsecurity.com/files/135000/wpwoocommerce2412-exec.txt
Available since
ASQ v5.0.0
Protects
Atlassian Confluence Multiple Vulnerabilities Fixed by 5.8.17
100 last CVE
CVE-2015-8399
CVE-2015-8398
Risk level
Moderate