Bryce Schober added a comment - 2016-06-01 21:56 I have this problem on Jenkins 1.651.2 as well. Unfortunately, I already discarded my old data, so I'm not sure I can downgrade. I tried setting keepUndefinedParameters to true as a test mentioned in for SECURITY-170 , but that didn't change things. And when I try println(hudson.model.ParametersAction.keepUndefinedParameters) , I get a groovy.lang.MissingPropertyException

Johnny Baloney added a comment - 2016-10-25 16:17 The plugin did not appear to work for me on fresh installations of Jenkins versions 1.651.2 or 1.651.3 (courtesy of Docker ). It worked fine with 1.651.1 . Printing environment variables with env did not show the preset variables from the upstream job and the parameters link on the job page showed an empty Parameters window. However , the Jenkins logs showed: Oct 25, 2016 3:39:00 PM hudson.model.ParametersAction filter WARNING: Skipped parameter `foo` as it is undefined on `DOWNSTREAM_JOB`. Set `-Dhudson.model.ParametersAction.keepUndefinedParameters`=true to allow undefined parameters to be injected as environment variables or `-Dhudson.model.ParametersAction.safeParameters=[comma-separated list]` to whitelist specific parameter names, even though it represents a security breach Running Jenkins with: java -Dhudson.model.ParametersAction.keepUndefinedParameters=true -jar /usr/share/jenkins/jenkins.war solved the problem. I think the plugin page needs updating to mention this change in plugin behaviour or to make it more visible if it does already.

Stephan Krull added a comment - 2016-12-29 09:13 @ huybrechts , ci_jenkinsci_org : Any news on that one? I think it is important to add a note to the WIKI page, at least. It is more adviseable to fix any outstanding implementations for SECURITY-170 (see here ).

Oleg Nenashev added a comment - 2017-06-25 21:36 Closing as a duplicate