[CWD-2938] Set Crowd JSESSIONID as HTTPOnly in the default configuration - Create and track feature requests for Atlassian products.

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Medium
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.5.2
Component/s: None
Labels:
- no-advisory-required
- security

Bug Fix Policy:
View Atlassian Server bug fix policy

Description

This is to improve mitigation of XSS vulnerabilities.

Attachments

Activity

People

Assignee:: joe

Reporter:: VitalyA

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 04/Oct/2012 12:55 AM

Updated:: 15/Aug/2019 7:05 AM

Resolved:: 04/Oct/2012 2:13 AM