Release Notes for Countdown Timer 1.7.1

Summary


Bug Fixes

XSS in Countdown Timer

A cross-site scripting (XSS) vulnerability has been identified and fixed in Countdown Timer.

This vulnerability is rated as Medium according to Atlassian's Severity Levels for Security Issues.

In order to exploit this, users must have permissions to edit content within Confluence

Affected versions:

  • version < 1.7.0

Fixed versions:

  • 1.7.1

Acknowledgement:

We would like to acknowledge Roman Ferdigg from SEC Consult for reporting this vulnerability.



Issues

Key Summary T Status Resolution
Loading...
Refresh