Release Notes for Countdown Timer 1.7.1

Summary

A cross-site scripting (XSS) vulnerability has been identified and fixed in Countdown Timer.

This vulnerability is rated as Medium according to Atlassian's Severity Levels for Security Issues.

In order to exploit this, users must have permissions to edit content within Confluence

Affected versions:

Fixed versions:

Acknowledgement:

We would like to acknowledge Roman Ferdigg from SEC Consult for reporting this vulnerability.

Key	Summary	T	Status	Resolution
Data cannot be retrieved due to an unexpected error. View these issues in Jira