Carl Nykvist

**Name of the Vulnerable Software and Affected Versions** User Management for Jira versions 2.0.0 through 2.17.1 User Management for Confluence versions 2.0.0 through 2.15.24 User Management for Bitbucket versions 2.2.2 through 2.15.24 **Description** The TechTime User Management components for Atlassian products are affected by a stored XSS issue on the Bulk User Actions page. **Recommendations** For User Management for Jira versions 2.0.0 through 2.17.1, update to a version outside of this range to resolve the issue. For User Management for Confluence versions 2.0.0 through 2.15.24, update to a version outside of this range to resolve the issue. For User Management for Bitbucket versions 2.2.2 through 2.15.24, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the Bulk User Actions page until a patch is available.