You are viewing documentation for WBS Gantt-Chart for Jira Cloud. For Server or Data Center, choose from documentation home.


Release notes : WBS Gantt-Chart for Jira Cloud 1.1.6-AC

Release date

Apr 15, 2020

Summary

Bugs fixes and improvements

Details

Improvements

  • Use Bulk Create for batch creation operations

  • Bulk data deletion

Bug fixes

  • Wrong name of dependency when copying multiple tickets

  • Lack of proper authorization/ID pin bruteforce/clientid IDOR/tablename enumeration leads to PII Data leak.

  • Priv escalation - Low privilege users can takeover administrators grant (and from any other users too)

  • Stored XSS in any Column ID at (any) Gantt main page

  • IDOR + STORED XSS in any column at gantt configuration page

  • Non-privileged users can overwrite other users' Gantts -- in Gantt creation function

  • Not possible to delete the values of 2 tickets or more consecutively in "single version"

  • "administrators" should have permission to create Gantt

  • Color setting rank was not saved

  • Cannot import MS Project file

  • No dependencies after importing MPP file

  • XSS Stored in Gantt Configuration through the name on Color Children bar

  • The WBS number changes immediately after selecting a template and creating a ticket

  • Planned date on Jira issue screen of the ticket created from the ticket line with the milestone does not appear as a value

  • The epic link is not created when copying the epic and its subordinate tickets.