Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Help regarding the New vulnerability voilation in SLA

Ramkumar Pandian June 14, 2021

Hi,

We have few questions

1) We received a vulnerability report on the Security dashboard and we went through the below document to do the fix
https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072
2) We are not using Atlasian connect express (ACE), in our atlassian-connect.json
3) As said in the above url is it enough to add "apiMigrations": { "context-qsh": true } alone in the atlassian-connect.json or do we need to add the addon.authenticate(true) in the endpoints. How to decode context-qsh

1 answer

Suggest an answer

Log in or Sign up to answer
0 votes
Ramkumar Pandian June 14, 2021

Hi,

Can anyone help us on the above questions

TAGS
AUG Leaders

Atlassian Community Events