Loading...

Log In
Gathering Interest

XML

Word

Printable

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: Security
Labels:
- triage-reviewed

Support reference count:
2

When a user changes their username via the UI the session cookie is not invalidated. For security purposes, all sessions should be invalidated and require the user to sign back in with the new password.

was cloned as

JRASERVER-73502 Jira does not invalidate session after a password change

Closed

Assignee:: Unassigned
Reporter:: Cole Aronson
Votes:: 2 Vote for this issue
Watchers:: 3 Start watching this issue

Created:: 07/Dec/2021 4:53 PM
Updated:: 28/Apr/2025 4:04 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates