XSS in Countdown Timer
A cross-site scripting (XSS) vulnerability has been identified and fixed in Countdown Timer.
This vulnerability is rated as Medium according to Atlassian's Severity Levels for Security Issues.
In order to exploit this, users must have permissions to edit content within Confluence
We would like to acknowledge Roman Ferdigg from SEC Consult for reporting this vulnerability.