Hi !
I am writing this email to let you know of a Stored XSS Vulnerability that i found on atlassian.com .
You will have the POC as an atachment to this report that i am making.

Now i will show you in details how i managed to find this vulnerability.
Firstly I created an account in atlassian.com . When i created my account i set the full name to : "><svg/onload=confirm(document.domain)>;
Then under my services, i went to https://answers.atlassian.com/
and when the page fully loaded, the javascript payload that was in my full name was executed and i got the result shown in the attachment image.
I also uploaded another image as an atachment showing to you the user cookies which you can get by just replacing document.domain with document.cookie on the payload.

Regards,
Andi