Details for JM-1506?

Are there any details available for JM-1506?

If this is confidential, send me an Email or PM. I will see if I can help.

I wonder how XSS can be a blocker or confidential as long as authentication works as expected. I’m quite sure that no one send’s me an URL to my server to exploit these issues.