Password displayed in clear text when logging in to a websudo session that has expired

2013-09-25T14:11:58
ID ATLASSIAN:JRASERVER-35005
Type atlassian
Reporter christoffer.soop
Modified 2017-02-20T02:52:03

Description

When entering the username/password in the websudo dialog after the user session has expired, JIRA displays all submitted values, including the password in clear text.

This is a breach in security; the password should never be displayed in clear text on a web page.