Uploaded image for project: 'Jira Service Management Data Center'
  1. Jira Service Management Data Center
  2. JSDSERVER-4056

Expire Satisfaction Feedback Token

    XMLWordPrintable

Details

    • 1
    • 1
    • We collect Jira Service Desk feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      NOTE: This suggestion is for JIRA Service Desk Server. Using JIRA Service Desk Cloud? See the corresponding suggestion.

      Problem Definition

      In certain environments, agents have access to the inbox of the mail account that Service Desk uses for the mail channel. In this scenario, it is possible for the agent to manipulate customer satisfaction feedback ratings in the event that the customer replies to Closed\Resolved notification containing the satisfaction survey. If the reply includes the quoted body of the survey, the agent can follow the link and change the star rating.

      Suggested Solution

      Expire the feedback token after initial customer survey completion. Alternatively, disallow agent access to satisfaction feedback survey pages.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JSDSERVER-15137 The feedback token for customer surveys is printed in the access log

          • Low - Low priority issues
          • Waiting for Release
          relates to

          Suggestion - JSDCLOUD-4056 Expire Satisfaction Feedback Token

          • Gathering Interest

          Activity

            People

              Unassigned Unassigned
              rgould@atlassian.com Russ Gould [Atlassian]
              Votes:
              19 Vote for this issue
              Watchers:
              14 Start watching this issue

              Dates

                Created:
                Updated:

                Backbone Issue Sync