Context jwt vulnarbility

Following the steps from this article: Action required: Atlassian Connect vulnerability allows bypass of app qsh verification via context JWTs

“type”: “jwt”

I did this:

  • In atlassian-connect.json:
    “context-qsh”: true,
  • In the pom.xml:

And I started to get this:

Hi @Svetoslav,

the error suggests you are using an older version of Spring Boot, perhaps 2.2.1.RELEASE?

I would suggest that you upgrade to Spring Boot 2.4.2, considering the open issue we have against 2.4.3 or later.


Thanks, Einar!
The Spring Booot version was 2.2.2.RELEASE. Now after I upgrade it to 2.4.2 everything works fine.