I went through various references regarding the patches and issue solved for the XSS vulnerabilities. Currently i am using the JIRA version 6.1 and i want to edit the announcement banner.
While doing so, i tried to inject an script with the text:
eg: Welcome <script>window.location.href="some site"</script>. When i did the changes, it made me to redirect to that particular mentioned site. So how should i prevent the open redirection or XSS vulnerabilities? Is there any way!! Please share/discuss.
👋 Hi there Jira Community! A few months ago we shared with you plans around renaming epics in your company-managed projects. As part of these changes, we highlighted upcoming changes to epics on...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events