Versions Compared

Old Version 2

changes.mady.by.user Yoonjeong Bae

Saved on

compared with

New Version Current

changes.mady.by.user Yoonjeong Bae

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
stylenone

Summary 🌟

In this release note, we’ve improved the contract creation UI and , security by masking sensitive data, and redesigned various UI elements including error pages and icons. As for bug fixes, XSS vulnerabilities, OAuth errors and unauthorized access from Jira Service Desk customer session tokens resolvedfixies, 400 Bad Request error has been fixed.

...

Improvements (blue star)

Improved UI for adding new signers

...

Status
colourBlue
titleIMPROVED

Previously on the contract creation view, it was essential to define numbers of signers, click “Create,” and then move to a dialog to fill in signer details. Now users are taken directly to the contract details screen, where they can add signers.

...

Improved security

...

Status
colourBlue
titleIMPROVED

We have improved the security of our system by masking sensitive data. This includes IP Addresses, name, phone numbers , secrets. They are now masked in the .toString() methodand secrets.

Redesigned icon for 'no result' in dashboard
Status
colourBlue
titleIMPROVED

We have replaced old icon with magnifier icon.

...

Improved security verification
Status
colourBlue
titleIMPROVED

We have introduced an additional security check in the AtlassianAuthHandler by verifying a special boolean condition URL parameter. This enhancement ensures that direct calls from Atlassian Jira to our app maintain security integrity without impacting functionality. checking method.

Redesigned error pages for detailed information
Status
colourBlue
titleIMPROVED

Error pages are redesigned to view issue page with respective message like license expired, Atlassian reload required, version mismatch. Applied for a view for both light and dark mode.

...

Bug Fixes (blue star)

...

...

We have resolved a stored XSS vulnerability in the "Person" name field on contract pages.

Fixed OAuth Error
Status
colourGreen
titleFIXED

We resolved an issue where users encountered a 400 Bad Request error. The fix ensures preventing unauthorized requests.

...

unauthorized

...

Status
colourGreen
titleFIXED

We have fixed an issue where Jira Service Desk customers with "customer" privileges could access contracts linked to their requests without authorization. Now, only authorized users can access and manage contracts, preserving the confidentiality of sensitive contractual information and preventing unauthorized actions.