-
Task
-
Resolution: Fixed
-
Minor
-
None
-
-
jenkins-2.254
In the tag "dropdownList", there is a hidden attribute "description" that can accept HTML and will interpret it.
It was deprecated by the introduction of help icon long time ago and is actually only used by one plugin with less than 10 installations.
- links to
[JENKINS-63220] Remove "unused" dangerous description from dropdownList
Link | New: This issue is related to SECURITY-1959 [ SECURITY-1959 ] |
Remote Link | New: This issue links to "#4878 in core (Web Link)" [ 25353 ] |
Remote Link | New: This issue links to "#7 in radargun-plugin (Web Link)" [ 25354 ] |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Description |
Original:
In the taglib "dropdownList", there is a hidden attribute "description" that can accept HTML and will interpret it. It was deprecated by the introduction of help icon long time ago and is actually only used by one plugin with less than 10 installations. |
New:
In the tag "dropdownList", there is a hidden attribute "description" that can accept HTML and will interpret it. It was deprecated by the introduction of help icon long time ago and is actually only used by one plugin with less than 10 installations. |
Released As | New: jenkins-2.254 | |
Resolution | New: Fixed [ 1 ] | |
Status | Original: In Review [ 10005 ] | New: Resolved [ 5 ] |