You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.
View groupJoin the community to find out what other Atlassian users are discussing, debating and creating.
I´ve gone through Skillbuilder Is your Jira Instance secure (for server/DC), and in that skillbuilder the underestimated risk due to javascript (based on activation of HTML) is discussed.
In server/DC Jira Admin may turn off (in General Configuration) Enable HTML in project description and Enable HTML in custom field descriptions and list item values. I have now looked for the same configuration options in Cloud, but cannot find any.
So, my question is really this: Is there not a potential for HTML/JavaScript and WebSudo session threat in Cloud? And if no, how has this been solved in cloud? And if there is a potential threat, how can I as a Jira admin secure my instance against these potential threats, as I cannot adjust settings anywhere?
Catch up with Atlassian Product Managers in our 2020 Demo Den round-up! From Advanced Roadmaps to Code in Jira to Next-Gen Workflows, check out the videos below to help up-level your work in the new ...
Connect with like-minded Atlassian users at free events near you!
Find an eventConnect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.
Host an eventYou're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events