-
Type:
Suggestion
-
Resolution: Unresolved
-
Component/s: Jira Platform - SPA Shell
-
None
-
8
-
19
It has been previously assessed that {yourinstance}.atlassian/net/secure/QueryComponent!Default.jspa is not leaking any private Jira data from a Jira Cloud instances:
Regardless, it is unclear why this page still exists, after this was previously patched in Server/Data Center:
As such, as this page can potentially trigger vulnerability scanners and visually appear like it may be exposing sensitive data, is there a need for this to exist in Cloud any longer?
- is related to
-
JRACLOUD-75661 Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179
-
- Closed
-