Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-44245

Scriptler Plugin allows any Scriptler script to be executed as build step

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

       

      SECURITY-366
      Scriptler Plugin executes any Scriptler scripts specified for the Scriptler build step in job configurations even though it is documented to only allow specific scripts to be included.
      Users can therefore POST config.xml or use a similar approach to submit a job configuration containing a script that is not available from the UI. Additionally, jobs configured through the UI will continue to run specified scripts even after they have been reconfigured to not allow this inclusion.

        Attachments

          Activity

          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: imod
          Path:
          src/main/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilder.java
          http://jenkins-ci.org/commit/scriptler-plugin/d1986c8814824b461bce4e51293776ed99721de9
          Log:
          JENKINS-44245 / SECURITY-366 make sure script is allowed to be run in a builder

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: imod Path: src/main/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilder.java http://jenkins-ci.org/commit/scriptler-plugin/d1986c8814824b461bce4e51293776ed99721de9 Log: JENKINS-44245 / SECURITY-366 make sure script is allowed to be run in a builder

            People

            Assignee:
            imod Dominik Bartholdi
            Reporter:
            imod Dominik Bartholdi
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: