Reply to post: Re: Grab the private key?

Atlassian scrambles to fix zero-day security hole accidentally disclosed on Twitter

Michael Wojcik Silver badge

Re: Grab the private key?

Who exactly can grab this private key, and how?

Anyone with a copy of the Atlassian Confluence desktop application, by debugging. The private key is embedded in the desktop app.

This is a classic error, and per the Twitter thread, there are likely many, many more offenders.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022