We've had a user report a suspicious message that seem to have been abuse of our Cloud Instance. Is it possible there is a security vulnerability with JIRA Cloud? They (attacker) were obviously using Burp to surface this issue.
See screen shot.
Hi @p.moreno
Thank you for your question in here - I'm Matt on the Atlassian Security Team.
If you raise a support request at https://getsupport.atlassian.com we will be able to investigate this further for you.
On the surface however It looks like this is someone testing against this vulnerability which we disclosed on July 10, 2019: https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html
Please note that Jira Cloud customers are not affected.
Thank you for reaching out, please let me know if there's anything else I can do to help.
Cheers,
Matt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.