Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,323,839
Community Members
 
Community Events
168
Community Groups

Help regarding the New vulnerability voilation in SLA

Hi,

We have few questions

1) We received a vulnerability report on the Security dashboard and we went through the below document to do the fix
https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072
2) We are not using Atlasian connect express (ACE), in our atlassian-connect.json
3) As said in the above url is it enough to add "apiMigrations": { "context-qsh": true } alone in the atlassian-connect.json or do we need to add the addon.authenticate(true) in the endpoints. How to decode context-qsh

1 answer

Hi,

Can anyone help us on the above questions

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events