/
Use Cases
Use Cases
- Jörg Spiegelhoff (Deactivated)
Owned by Jörg Spiegelhoff (Deactivated)
1 JIRA is showing Popular Filters (shared with all users) to user which are not logged in!
Does your JIRA also show all Filters which are "shared with all users" to really everyone in the world?
Just try the following:
- Make sure that you are not logged in
- Type in the following URL in your browser:
https://your-jira-domain.com/secure/ManageFilters.jspa - Do you also see something like this?
As you can see - without logging in you can get information about saved filters and names + mail adress from the filter owner.
Protect this data with our Prevent Anonymous Access Plugin!
2 JIRA is showing Popular Dashboards (shared with all users) to user which are not logged in!
Does your JIRA also show all Dashboards which are "shared with all users" to really everyone in the world?
Just try the following:
- Make sure that you are not logged in
- Type in the following URL in your browser:
https://your-jira-domain.com/secure/ConfigurePortalPages!default.jspa - Do you also see something like this?
As you can see - without logging in you can get information about saved Dashboards and names from the dashboard owner.
Protect this data with our Prevent Anonymous Access Plugin!
3 JIRA is interacting to user which are not logged in!
Also you are not logged in JIRA is interacting with so called anonymous user. Here you find some examples:
- Try to change the project avatar: https://your-jira-domain.com/secure/project/views/editproject.jsp
- You can use the quick search on the login form and are able to enter and execute JQL searches.
Also you won't get any issue data, the JIRA system is responding and interacting.
If you think this is not an acceptable behaviour.
Protect this data with our Prevent Anonymous Access Plugin!
, multiple selections available,