Community Announcements have moved! To stay up to date, please join the new Community Announcements group today. Learn more

×
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

JIRASESSIONID values being discovered on crawling and are accessible via URL, why?

Milan Chheda [INFOSYSTA]
Milan Chheda [INFOSYSTA]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 31, 2019

As a part of penetration testing, we crawled JIRA and as you can see in the below screenshot, JIRASESSIONID values are visible/discovered while crawling the JIRA website.

We would like to know why are they accessible? Are they valid? 

 

InkedjirasessionsIDs_LI.jpg

Answer
Watch
Like Be the first to like this
436 views

0 answers

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
atlassian, out of office, loom, confluence, async collaboration, meeting recaps, remote teamwork, team alignment, knowledge sharing, AI-powered notes, productivity tools, workforce continuity, teamwork collection

Put your meeting notes on autopilot with Loom + Confluence

AI-powered meeting notes keep work moving even if you’re out of the office. Enjoy your well-deserved time off and return refreshed, confident you’ll catch up in no time.

Learn more
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Champions
Copyright © 2025 Atlassian
Privacy Policy Terms Security