Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

JavaScript injection in the Announcement Banner in jira 7

manojkumar3036
manojkumar3036 March 19, 2018

As the application allows a valid user to insert java script in the announcement banner which is redirecting to some other site. 

Eg: Welcome<script>window.location.href='some other site'</script> 

I want to prevent this injection in announcement banner. Need help on this. Version of jira is 7.0 . 

Answer
Watch
Like Be the first to like this
1509 views

2 answers

0 votes
Sachin Dhamale
Sachin Dhamale
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
April 13, 2023

Hi @manojkumar3036 

Only Jira admin has right to apply any script to the announcement banner.

You can remove jira admin permission for the user you want to restrict.

 

Thanks,

Sachin

Reply
0 votes
Gezim Shehu [Communardo]
Gezim Shehu [Communardo]
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
March 19, 2018

Which is your request exactly?

Want to know if this is possible?

View More Comments
manojkumar3036
manojkumar3036 March 19, 2018

I want to restrict the script injection in the announcement banner!! 

Like
manojkumar3036
manojkumar3036 March 19, 2018

@Gezim Shehu [Communardo] The currently version which i am using is 7.0. 

Like
Gezim Shehu [Communardo]
Gezim Shehu [Communardo]
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
March 20, 2018

Do you mean unauthorized users can inject ?

I am not aware of that.

Like
AlexD
AlexD October 5, 2018

<\code>alert(сообщение)<code>

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events