3.6.4 (Security fixes)
- As a result of deep research to find security vulnerabilities in the app some URLs have been fixed to avoid potential XSRF attacks to Jira administrators. Read more...
- In addition, the packed SQL+JQL Driver has been updated to the 9.6.0 version which also fixes critical vulnerabilities in the Driver.
3.6.3 (Security fix)
- FIX: It was possible to perform an XSS attack from one URL. Credits for Ivan Rumak and Alexey Rumak that reported it via https://detectify.com/. Thank you!
...