security

Topic Replies Views Activity
Action Required - Atlassian Connect installation lifecycle security improvements
Announcements
jira-cloudconfluence-cloudsecurityecosystem-securityconnect
183 10287 October 28, 2021
Missing Function Level Access Control vulnerability in ac-express and ac-spring-boot
Atlassian Developer Tools
jira-cloudac-expressac-spring-bootatlassian-connectsecurity
2 582 October 28, 2021
4 Aug 2021 - Action required - Deprecating persistent refresh tokens
Announcements
securitydeprecation3lo
36 4179 October 27, 2021
PSA - XWork security blocklist lands in 7.15 beta
Confluence Server Announcements
confluence-servereapsecurityxworkxwork-webworkconfluence-data-center
0 85 October 21, 2021
Updated URI for project avatar resources in REST API responses
Jira Cloud Announcements
rest-apiavatarsecuritypermissions
0 210 October 12, 2021
Content Security Policies (CSP) and Custom UI issue
Forge Custom UI and UI kit (beta)
jira-cloudrest-apisecuritycustom-content
3 206 September 29, 2021
Any fix to against this threat in Confluence: CVE-2021-26084 (brand new)
Confluence Server
security
3 108 September 10, 2021
What is the best way to store and access user tokens securely and safely?
Forge Platform and Tools
securityforge-storage
2 134 September 7, 2021
Storing sensitive data with Forge
Forge
jwtsecurityforge-connect
2 165 August 30, 2021
Storing and handling app installation secrets
Announcements
jira-cloudconfluence-cloudatlassian-connectsecurityecosystem-security
3 366 September 29, 2021
Security: Marketplace permission to release new versions?
General Discussion
marketplacesecurityecosystem-security
2 226 August 18, 2021
Connect is returning to per-installation secrets
Announcements
jira-cloudconfluence-cloudsecurityecosystem-securityconnect
1 957 September 16, 2021
Security testing your app with DAST tools
Jira Cloud
testingatlassian-connectsecurity
0 121 August 5, 2021
Content rendering by apps of another app's macros is now restricted
Announcements
confluence-cloudatlassian-connectsecurity
16 800 September 1, 2021
How to generate JWT or get shared secret in front-end to access my own REST API server using Atlassian Spring Boot starter?
Jira Cloud
jira-cloudrest-apiauthjwtac-spring-bootsecurity
1 224 July 30, 2021
HSTS check fail with Connect Security Requirements Tester (CSRT)
Jira Cloud
jira-cloudjavaac-spring-bootsecurityhsts
24 783 July 30, 2021
Expired JWT token in the iframe of the panel, which leads to HTTP 401 response
Jira Cloud
jwtatlassian-connectsecuritycloudtokeniframe
2 233 July 20, 2021
Atlassian-jwt 2.0 Algorithm from the header "HS256" does not match
Jira Cloud
jwtatlassian-connectsecurityatlassian-connect-express
5 268 July 17, 2021
Action required: Atlassian Connect vulnerability allows bypass of app qsh verification via context JWTs
Announcements
jira-cloudconfluence-cloudjwtatlassian-connectsecurity
83 8759 July 30, 2021
Announcing the Connect app authorization guide
Announcements
jira-cloudconfluence-cloudatlassian-connectsecurityecosystem-security
11 1066 July 28, 2021
Which app method is efficient to create third party integration applications(connect or forge)?
Jira Cloud
rest-apiauthatlassian-connectsecurityforgesecrets-management
10 314 June 16, 2021
Malicious attachments on Jira (SW or JSM)
Jira Cloud
jira-cloudconfluence-cloudsecurityattachmentcloud
1 123 June 15, 2021
DOMPurify inside Forge UI Kit
Forge
securityforge-ui
4 204 June 11, 2021
How to use ACE addon.authenticate(true)
Jira Cloud
jwtnodejssecurityatlassian-connect-express
0 252 June 10, 2021
Connect: Does anyone encrypt the app secrets?
Jira Cloud
atlassian-connectsecurity
4 348 June 8, 2021
Iframe Usage in Forge Jira Custom UI’s
Jira Cloud
jira-cloudsecurityiframeforgexsrf
1 179 June 3, 2021
Password textfield
Forge Custom UI and UI kit (beta)
securityauthenticationbasic-authforge
1 136 May 27, 2021
Strict-Transport-Security (HSTS) in ACE
Jira Cloud
jira-cloudsecurityherokuaceatlassian-connect-expressecosystem-securityhsts
1 333 May 21, 2021
Issue security APIs for non-classic projects
Jira Cloud
jira-cloudrest-apisecurity
3 147 May 19, 2021
Questions about framework security, restrictions
General
securitybitbucket
1 852 May 17, 2021