Loading...

XML

Word

Printable

Type: Suggestion
Resolution: Unresolved
Component/s: Jira Platform - SPA Shell
Labels:
None

UIS:
9
Support reference count:
19
Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

It has been previously assessed that {yourinstance}.atlassian/net/secure/QueryComponent!Default.jspa is not leaking any private Jira data from a Jira Cloud instances:

Regardless, it is unclear why this page still exists, after this was previously patched in Server/Data Center:

https://jira.atlassian.com/browse/JRASERVER-71536

As such, as this page can potentially trigger vulnerability scanners and visually appear like it may be exposing sensitive data, is there a need for this to exist in Cloud any longer?

is related to

JRACLOUD-75661 Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179

Closed

Assignee:: Unassigned

Reporter:: Ryan Brailey

Votes:: 9 Vote for this issue

Watchers:: 14 Start watching this issue

Created:: 26/Jun/2023 7:36 AM

Updated:: 6 days ago 2:08 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates