A friend of mine finally found that jar!

CVE-2022-26138: A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into #Confluence and access all content accessible to users in the confluence-users group

The password is disabled1system1user6708

Source: https://packages.atlassian.com/maven-atlassian-external/com/atlassian/confluence/plugins/confluence-questions/3.0.2/confluence-questions-3.0.2.jar