Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-73502

Jira does not invalidate session after a password change

XMLWordPrintable

    • 8.22
    • 4
    • Severity 3 - Minor
    • Hide
      Atlassian Update – 28 June 2023

      Hi everyone,

      Thank you for taking the time to file and comment on this issue. We've reviewed it and agreed it’s a priority for us to resolve. Our engineers have already started working on the issue.

      Please continue watching this ticket for future updates and changes in the timeline that may impact your work.

      Andrzej Kotas

      Jira DC Product Manager

      Show
      Atlassian Update – 28 June 2023 Hi everyone, Thank you for taking the time to file and comment on this issue. We've reviewed it and agreed it’s a priority for us to resolve. Our engineers have already started working on the issue. Please continue watching this ticket for future updates and changes in the timeline that may impact your work. Andrzej Kotas Jira DC Product Manager

      When a user changes their username via the UI the session cookie is not invalidated. For security purposes, all sessions should be invalidated and require the user to sign back in with the new password.

              mrydzewski Mikolaj Rydzewski (Inactive)
              1b8ef95d49c1 asah (Inactive)
              Votes:
              3 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: