...
If you are not careful, the result of such a JQL query unexpectedly might contain thousands of issue. Or the JQL query might fail, because the syntax has become invalid after the placeholders had been replaced.
| Anchor | ||||
|---|---|---|---|---|
|
TODO
JQL Injection
Further you must be aware of potential 'JQL injection':
JSU does not check any value which it retrieves from the current issue. A malicious user might craft the value of a field (for example the value of a text field), so that after the replacement it adds an additional criteria to your JQL query.
...