-
Bug
-
Resolution: Unresolved
-
Major
The current version of this plugin contains multiple vulnerabilities:
- CSRF vulnerability and missing permission checks allow SSRF
- Arbitrary JSON and property file read vulnerability
- Stored XSS vulnerability
This is displayed on the plugin page as well as warning within the Jenkins UI itself.
- relates to
-
JENKINS-26683 Get rid of dependency on Extended Choice Parameter plugin
-
- Open
-
