Release Notes for Countdown Timer 1.7.1


Bug Fixes

XSS in Countdown Timer

A cross-site scripting (XSS) vulnerability has been identified and fixed in Countdown Timer.

This vulnerability is rated as Medium according to Atlassian's Severity Levels for Security Issues.

In order to exploit this, users must have permissions to edit content within Confluence

Affected versions:

  • version < 1.7.0

Fixed versions:

  • 1.7.1


We would like to acknowledge Roman Ferdigg from SEC Consult for reporting this vulnerability.