Snapsec's security researchers have found a serious Stored Cross-Site Scripting (XSS) flaw in Atlassian's Jira Work Management. A low-privileged attacker could fully take over an organization's Jira environment by exploiting this vulnerability.

Reflected XSS needs a victim to click a link that has been crafted to be malicious. Stored XSS, by contrast, embeds the malicious payload permanently in the application itself, so anyone who is logged in and visits the affected page can become a victim. The payload runs on its own in the victim's browser session, which lets attackers steal session cookies, exfiltrate tokens, make unauthorized changes to accounts (such as changing email addresses), and ultimately take over the entire account.

The attack chain needed no phishing, malware, or credential theft.

It took advantage of the trust boundary between the administrative configuration and the content the browser renders, a common but often overlooked class of vulnerability. The researchers traced the attack to the lowest-privileged role that could still affect the whole organization.

This study highlights three fundamental security lessons that apply to all SaaS platforms. Backend validation cannot be optional, and input encoding and output sanitization must be applied consistently to every configuration field. Stored XSS remains a major attack vector, especially where it interacts with powerful administrative workflows. Atlassian's own security remediation policy says that critical and high-severity bugs in cloud products must be fixed within 90 days of being reported.
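The two points above, that a stored payload executes in every visitor's browser and that backend validation plus output encoding must cover every configuration field, can be shown in a few lines. The following is an added example, not Snapsec's research code or Atlassian's Jira code: the configuration store, the field name `banner` and the validation rules are all constructed for illustration.

```javascript
// Added example (not Snapsec's or Atlassian's code): how a stored XSS in a
// configuration field arises from unencoded rendering, and the two controls
// the article calls for: server-side validation on write and HTML encoding
// on output. The in-memory store and the field rules are constructed.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that matter in an HTML text context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Constructed stand-in for the persistent configuration store.
const configStore = new Map();

// "Before" behaviour: the field is stored exactly as submitted, with no
// backend validation. Whatever an admin-facing form sends is persisted.
function storeRaw(name, value) {
  configStore.set(name, String(value));
}

// Backend validation: the article's point is that this cannot be optional.
// A display-name style field gets a length cap and a conservative allowlist;
// anything containing markup-significant characters is rejected before storage.
const MAX_LEN = 64;
const ALLOWED = /^[\p{L}\p{N} _.'()-]+$/u;

function saveConfigField(name, value) {
  if (typeof value !== 'string' || value.length === 0 || value.length > MAX_LEN) {
    return { ok: false, reason: 'length' };
  }
  if (!ALLOWED.test(value)) {
    return { ok: false, reason: 'characters' };
  }
  configStore.set(name, value);
  return { ok: true };
}

// Vulnerable rendering: the stored value is interpolated straight into HTML,
// so a stored payload runs in every visitor's browser (the stored-XSS pattern).
function renderUnsafe(name) {
  return `<span class="cfg">${configStore.get(name) ?? ''}</span>`;
}

// Hardened rendering: every stored value is HTML-encoded at output time,
// regardless of what validation ran on write (defence in depth).
function renderSafe(name) {
  return `<span class="cfg">${escapeHtml(configStore.get(name) ?? '')}</span>`;
}

// Detection helper for the demo: does the rendered HTML still contain an
// active script element?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Walk through the scenario: an unvalidated write followed by both renderers,
// then the same input against the validating write path.
function demo() {
  const payload = '<script>alert(1)</script>'; // constructed, inert sample
  storeRaw('banner', payload);
  const unsafe = renderUnsafe('banner');
  const safe = renderSafe('banner');
  const rejected = saveConfigField('banner', payload);
  return {
    unsafeExecutes: containsScriptTag(unsafe),
    safeExecutes: containsScriptTag(safe),
    validationRejects: !rejected.ok,
  };
}

console.log(demo());
```

Run with `node` on a recent release (the `\p{L}` class needs the `u` flag and the `??` operator needs Node 14 or later). Validation on write narrows what reaches the store, and encoding on output neutralises whatever still gets there; neither alone is enough, which is why the article insists on both for every configuration field. Marking the session cookie `HttpOnly` limits the cookie-theft impact described earlier but does not stop a script from acting inside the victim's session, so it complements rather than replaces these controls.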

This shows how important it is to deal with findings like this one quickly after they are reported through responsible disclosure channels.
