Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Need support to remove "Clickjacking" vulnerability in JIRA Service desk web service.

Abhijit Kirdat
Abhijit Kirdat February 9, 2018

Please refer ticket no : SDS-29277.

We have performed mentioned steps on Tomcat web.xml file but still after vulnerability scanning we are getting same vulnerability hence unable to publish server over internet.

Please let us know the best step to close this vulnerability permanently.

 

But as per ticket number JRASERVER-25143 this vulnerability has been closed in upgraded version i.e. Jira core 7.6. Now we come to know that JIRA 7.7 has been also introduce so want to check whether we can go with this version directly.

Answer
Watch
Like Be the first to like this
343 views

1 answer

0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 9, 2018

You can stay on 7.6 if you want, it has been fixed there.  7.7 will include this fix.

Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events