Versions Compared

Old Version 7

changes.mady.by.user Volodymyr Krupach

Saved on

compared with

New Version 8

changes.mady.by.user Mariia Korolishyna

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

P5 submissions do not receive any rewards for this program.

Target information

...

Info

The following findings are specifically excluded:

  • Access to exported calendar, including a private calendar (this is not a bug since the app was intended to share calendars with the public)

  • Testing privileges and REST services under admin accounts. Admins have rights to view, edit, and delete any data within their host Jira instance.

Note

Important! Theoretical assumptions and predictions will be ignored. We will only consider step-by-step scenarios that lead to concrete findings. Videos and screenshots are welcome.

  • Note: BrizoIT uses CVSS to consistently score security vulnerabilities. Where discrepancies between the VRT and CVSS score exist, BrizoIT will defer to the CVSS score to determine the priority.

Worth noting, Company Calendar Planner for Jira is designed to help people visualize any dates from Jira issues. It's a calendar-based organizer. While you may submit findings, it must have a clear threat or business impact for users; otherwise, it is likely to be marked as won't fix or informational.

Rules, Exclusions, and Scopes

...