Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-28910

No permission check when displaying job related information

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • xpath-config-viewer-plugin
    • None
    • XPath Configuration Viewer plugin version: 1.1.1

      1. The XPath Configuration Viewer plugin displays the job related information without checking the permissions of the current user. Even if a user logs out it is still possible to call the URL https://jenkinsinstance:8080/xpathviewer/index# and to get all information.

            Unassigned Unassigned
            bernhardb Bernhard Berbuir
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: