Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-23475

Can bypass permission check of CopyArtifact with WebAPI/CLI

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • copyartifact-plugin
    • None
    • Copyartifact 1.30

      When specifying a project name to copy artifacts from without a variable, permission check is performed at configuration time.
      That check is performed in the constructor of CopyArtifact, and can be bypassed using WebAPI, which does not trigger the constructor (triggers readResolve instead).

      update: can be bypassed also with CLI.

            ikedam ikedam
            ikedam ikedam
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: