Summary 🌟
In this release note, we introduce improved filtering, and several bug fixes. Highlights include enhanced card layouts, SAML user verification, JQL filtering, and updates to the comment editor. Key CSS fixes address dark mode issues and improve display consistency, while security vulnerabilities and functionality bugs have been resolved to enhance system stabilityNotable updates include security vulnerability fixes, and improved CSS styling.
...
Improvements 
Improved
...
Visual & Layout
We added text input support for label filtering in JQL. Previously, labels couldn't have spaces or special characters, causing errors. Now it allows more flexible label usage.
Improved boards: strikethrough for "Done" status
We added strikethrough text to the status of issues marked as "Done" on both boards and custom boards. This improvement distinguishes completed tasks from ongoing ones.
...
Tasks marked as "Done" now show with a strikethrough, now it’s easy to distinguish if tasks are completed.
...
We have also improved the scroll behavior on the timeline table. Both horizontal and vertical scrolls are now visible.
Card layouts are now evenly distributed across the page for a cleaner look. Also, a new icon has been introduced for "no result" in the dashboard.
...
Improved user verification
We have improved the SAML workspace setup process by introducing a mandatory user verification stepfor creating or joining new SAML workspaces. Only authorized users can create or join a new SAML workspace.
Improved
...
filtering for the filter/JQL share view
Previously, once a link is added, you couldn’t change how they were placed. Now, you can easily rearrange links to improve organization.
Implemented a confirmation popup for the "Restore default values" button in Global Settings > Page Customization. This change prevents accidental loss of changes by requiring user confirmation before resetting settings to default.
Added JQL filter by field
Introduced filtering by fields visible in the table, including text fields for User (without autocomplete), Project, Label, Priority, Status, Issue Type, and date-time pickers for filtering by after/before. Additionally, fields like Fix Version and Components are included You can now filter by additional fields, including user, project, and status, allowing for more precise searches.
...
Improved user experience
Removed category-based filtering in configuration views, making all configurations visible regardless of the selected share type. This ensures that JSM-specific options are accessible when share types include support tickets, improving usability across all views.
Swapped the current markdown editor for our custom Contract Signature WYSIWYG editor for comments and description editing. This change introduces better customization options, a tailored toolbar, and improved ADF ↔︎ HTML conversion.
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-325 |
|---|
|
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-1067 |
|---|
|
Renamed column if_share_link_enabled to share_link_enabled
Updated the column name in the shared_issue table from if_share_link_enabled to share_link_enabled to remove confusion caused by the "if_" prefix, which incorrectly suggested it was an issue field.
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-1023 |
|---|
|
CSS Styling
Fixed priority field size issue
Adjusted the Priority field size to fit within the details section boundaries. Also resolved display issues with long text for reporter, assignee, and labels. Updated the class name from ‘user-name’ to ‘user-text’ due to CSS dependencies, which has affected automation tests.
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-878 |
|---|
|
Fixed dark mode CSS styling issues
We fixed CSS styling issues in dark mode where "Issue Type - Description" and "Timeline - Filters" had unreadable whitish backgrounds with gray text. The colors are now adjusted for better visibility and readability.
Improved card Layout
Improved the card layout for even distribution across the page. This update ensures that cards are organized neatly and the layout is responsive to various screen sizes.
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-859 |
|---|
|
Redesigned icon for 'no result' in dashboard
We have replaced old ES icon with magnifier icon.
Updated scroll behavior for timeline table
Changed the scroll behavior on the timeline table to always display the horizontal scroll. Both horizontal and vertical scrolls are now visible.
Redesigned error pages for detailed information
Error pages are redesigned to view issue with respective message like license expired, Atlassian reload required, version mismatch. Applied for a view for both light and dark mode.
Bug Fixes
...
In Global Settings - Page Customization, links can now be rearranged via drag-and-drop. Also, We added a confirmation popup for the "Restore all default values?" button to prevent accidental resets.
...
We have redesigned error pages with more detailed information.
We replaced the markdown editor with a custom editor, allowing for more customized comment formatting.
Bug Fixes
Security Fixes
Resolved a null pointer occurring in the filter view when time tracking fields are null. Now, the system safely handles null fields, preventing crashes in the filter view.
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-1137 |
|---|
|
Fixed: delayed response causes duplicate share creation
The 'Create ES Board' button is now disabled and greyed out immediately after the first click to prevent multiple submissions caused by repeated clicks during a delayed response.
...
Fixed issues where unauthorized users could delete shares or change board settings, and corrected a security issue so attackers won’t be able to access or change settings.
Fixed XSS vulnerability
Previously, when users entered Resolved an XSS vulnerability triggered when creating an external share link with a project name in the search input, an error page was displayed. After the fix, the system now correctly displays issues or results from the searched project as expected. Additionally, filtering using multiple projects via JQL is now fully supported without errors.
...
containing an XSS payload.
Fixed SMTP issue
Fixed an issue where custom SMTP email settings blocked watcher notifications from being sent to external users. Notifications now work correctly with any SMTP setup.
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-1015 |
|---|
|
...
Fixed filter error
We resolved an issue where the comment author prefix was not appearing in Jira when comments were added via External Share. After the fix, comments now correctly display the author's name.
Fixed issue with allowCreateNewIssue field not set during share creation
We resolved an issue where the allowCreateNewIssue field was not being set during the creation of a new share in Jira. This caused the permission to create new issues via the external share to remain disabled by default. Previously, when users entered a project name in the search input, an error page was displayed. After the fix, the allowCreateNewIssue field is correctly set during share creation, ensuring that the intended permissions are applied consistently.
Custom board - unable to start watching issues
Previously, attempting to watch issues resulted in an error. This bug has been fixed, and users can now successfully watch all issues on custom boards without errors.
Fixed frontend error: 'undefined' provided instead of stream
We resolved an error where 'undefined' was given instead of a valid stream type
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-1071 |
|---|
|
Security Fixes
Unauthorized Share Deletion Vulnerability Fixed
Prevented users with customer privileges from deleting external shares without Jira access using a valid JWT.
Unauthorized Modification of Board Card Settings Vulnerability Fixed
Fixed a vulnerability where Jira Service Desk users could modify board card settings without permission. Now, only authorized users can change settings.
Cross-Instance IDOR Vulnerability Fixed
We fixed a critical vulnerability that allowed attackers from one Jira instance to modify external share settings or access API key usage data in another instance.
Fixed XSS Vulnerability in External Share Link Creation
Resolved an XSS vulnerability triggered when creating an external share link with a project name containing an XSS payload. This prevents malicious scripts from executing in shared links.
CSS Styling Fixes
...
system now correctly displays issues or results. Also, fixed an issue where null values in time tracking fields caused crashes in the filter view.
CSS Fixes
...
Fixed an issue where extra space appeared when using the "Group By" filter on
...
...
...
Sometimes, issue type icons were not shown on the board, issue view, JQL, and roadmap when opening a shared link without logging into ESFJ. This issue has been resolved, and icons now display properly.
Fixed Text and Code Snippet Overflow in Comment Section
...
wrong color text format tab appeared in dark mode.
Fixed display issues where icons for issue types were not showing up properly in shared links.
Fixed an issue where long text and code snippets overflowed in
...
...
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-629 |
|---|
|
...
Resolved Fixed an issue where the text format tab appeared white in the "Create Issue" tab on the Board/Timeline External share page in Dark mode. The text format tab now displays correctly, ensuring proper visibility in Dark mode.
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
| key | ESFJ-616 |
|---|
|
...
author's name was missing from comments.
Fixed multiple submission issue
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | b66650ca-af1e-397f-81f5-9d94924a0a26 |
|---|
key | ESFJ-1130The 'Create External Share Board' button is now disabled immediately after the first click to prevent multiple submissions due to delayed response.
