Suggestion
Resolution: Low Engagement
Our security office pointed out to me today that email notifications from our Jira instance include the version number in the email. This also brought up that Jira exposes this to the public through the webapp as well. This is highly insecure and is a basic security precaution for any web application. Never expose the version of your software to the public. The only way I have found to hide these is to edit Velocity template files, which will then be reverted next time I upgrade Jira.
This is another security feature that needs to be addressed. Combine this with the insecure version of jQuery that Jira runs and this application is starting to feel insecure to us.