It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

recently upgraded to jira 8.4 from 6.12

everything works as normal... with one exception... We cannot access custom fields  on page 2.  We have 7 total pages of custom fields but for some reason page 2 will not resolve.  All the fields work in existing workflows/screens etc... but if we want to edit a custom field located on page 2 we are denied... attlassian-jira.log and catalina.out do not throw an error when attempting to access these fields... 

Alphabetically, fields beginning with CH through fields EP are not accessible via jira interface.  

Integrity check on db shows fields are fine...  

Thank you in advance for any assistance in resolving this matter

1 answer

I'm pretty sure one or more field on that page have Javascript code injected on their description.

Is there any error on the Javascript console? You can find it using the F12 in most browser

Regards

VM1092:1 Uncaught TypeError: Cannot read property 'value' of null
at eval (eval at globalEval (batch.js?locale=en-US:33), <anonymous>:1:43)
at eval (<anonymous>)
at Function.globalEval (batch.js?locale=en-US:33)
at xe (batch.js?locale=en-US:44)
at c.fn.init.append (batch.js?locale=en-US:44)
at Object.appendContents (com.atlassian.plugin.jslibs:marionette-4.1.2-factory.js:31)
at e.attachHtml (com.atlassian.plugin.jslibs:marionette-4.1.2-factory.js:74)
at e._attachChildren (com.atlassian.plugin.jslibs:marionette-4.1.2-factory.js:74)
at e._renderChildren (com.atlassian.plugin.jslibs:marionette-4.1.2-factory.js:73)
at e.filter (com.atlassian.plugin.jslibs:marionette-4.1.2-factory.js:70)

I told you :)

Could you navigate to YOURDOMAIN/secure/admin/ViewIssueFields.jspa and press Edit link in each field to determine which field have the injected code in the description field?

Regards

Hi Jack,

is there any way how to determine the fields with injected JS?
We have really lot of custom fields, so we're not able to check out every field's description one by one.

 

Thanks,

Regards,

Query the DB directly:

 

SELECT * FROM "customfield" WHERE LOWER(description) LIKE '%script%'


Regards

Hi Jack,

thanks for fast reply, but there is still something missing for me probably.

I found out 1 field "Description" in 1 filed configuration which has the JS injected. But this SQL query didn't show me this field :/

Thanks,

Regards

sorry because the above query will only search for descriptions on customfields not on field configuration.

Use also

SELECT l.id, l.name, i.fieldidentifier, i.description FROM "fieldlayout" AS l, "fieldlayoutitem" as i WHERE l.id = i.fieldlayout AND LOWER(i.description) LIKE '%script%'



Regards

Like Tomáš Koudelka likes this

Jack, you solved it!

Thank you very much, it saved me a looot of time.

 

Have a nice day,

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you