The host is installed with Atlassian Confluence Server versions 6.11.0 before 6.13.10, 6.14.0 before 6.15.10, 7.0.0 before 7.0.5 or 7.1.0 before 7.1.2 and is prone to a man-in-the-middle vulnerability. A flaw is present in the application which fails to properly handle the Confluence Previews plugin in the application. Successful exploitation allows attackers to carry out a man-in-the-middle (MITM) attack to observe files being edited using the companion application and/or modify them, and access some limited user information.