Synopsis
The remote Confluence server is affected by a secret key disclosure vulnerability.
Description
Versions of Confluence 5.10.x prior to 5.10.4 contain a flaw that may result in the secret key used for linked instance communication being exposed. This may allow an authenticated remote attacker to disclose it and e.g. gain full control over a linked HipChat instance.
Solution
Upgrade to Confluence 5.10.x version 5.10.4 or later.