-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Blocker
-
Component/s: scriptler-plugin
-
None
-
Environment:Jenkins ver. 2.46.1
Scriptler 2.9
This is a copy-paste from what Jenkins says (in main page or "Manager Jenkins"):
- Any user can add Scriptler scripts to build configurations
- Persistent cross-site scripting vulnerability
- Any Scriptler script can be executed as part of builds
- Cross-site request forgery vulnerabilities in Scriptler script management
- Arbitrary code execution vulnerability in rare circumstances
 Can you please make a new version that fixes the above? I would like to keep using Scriptler.
