Bug
Resolution: Duplicate
Medium
None
2.10
None
A user downloaded a wiki page with the Firefox extension DownThemAll! (https://addons.mozilla.org/en-US/firefox/addon/201).
This triggered deletion of all of the page's attachments. No record of the deletion was made in the page history; it was only identified through the Apache access log, which showed requests of the form:
GET /confluence/pages/removeattachment.action?pageId=
The ability to delete content via GET violates RFC 2616 (section 9.1.1):
"In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval."
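As an added example (not part of this report or of Confluence), a small Python scanner over Apache combined-format access log lines that flags GET and HEAD requests to removeattachment.action, the kind of retrospective log check this report relied on; the log lines are constructed, and any action added to the set beyond removeattachment.action is an assumption.

```python
import re
from dataclasses import dataclass

# Apache combined log format:
# host ident user [time] "method path proto" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<agent>[^"]*)"$'
)

# State-changing Confluence actions that should never be reachable via GET.
# removeattachment.action is the one named in this report; extend as an assumption.
DESTRUCTIVE_ACTIONS = {"removeattachment.action"}


@dataclass
class Finding:
    host: str
    user: str
    time: str
    action: str
    query: str
    agent: str


def find_destructive_gets(lines):
    """Return a Finding for every GET/HEAD request that hits a destructive action."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        if m.group("method") not in ("GET", "HEAD"):
            continue  # POST and friends are the expected way to change state
        path, _, query = m.group("path").partition("?")
        action = path.rsplit("/", 1)[-1]
        if action in DESTRUCTIVE_ACTIONS:
            findings.append(Finding(m.group("host"), m.group("user"), m.group("time"),
                                    action, query, m.group("agent")))
    return findings


# Constructed sample log lines (not taken from the original report).
SAMPLE_LOG = [
    '10.0.0.5 - jdoe [12/Mar/2009:10:01:02 +0000] "GET /confluence/pages/viewpage.action?pageId=123 HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (constructed)"',
    '10.0.0.5 - jdoe [12/Mar/2009:10:01:03 +0000] "GET /confluence/pages/removeattachment.action?pageId=123&fileName=report.pdf HTTP/1.1" 302 0 "http://wiki.example/confluence/pages/viewpage.action?pageId=123" "Mozilla/5.0 (constructed downloader)"',
    '10.0.0.5 - jdoe [12/Mar/2009:10:01:03 +0000] "GET /confluence/pages/removeattachment.action?pageId=123&fileName=notes.txt HTTP/1.1" 302 0 "-" "Mozilla/5.0 (constructed downloader)"',
    '10.0.0.9 - admin [12/Mar/2009:11:00:00 +0000] "POST /confluence/pages/removeattachment.action HTTP/1.1" 302 0 "-" "Mozilla/5.0 (constructed)"',
]

if __name__ == "__main__":
    for f in find_destructive_gets(SAMPLE_LOG):
        print(f"{f.time} {f.host} user={f.user} {f.action}?{f.query} agent={f.agent!r}")
```

A burst of such hits from one host and user agent within a second or two, as in the sample, is the signature of a link-following download tool rather than a deliberate deletion.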
duplicates: CONFSERVER-8254 Review GET methods in Confluence to ensure web spiders cannot execute dangerous actions (like removeattachment)
Gathering Impact