Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-44245

Scriptler Plugin allows any Scriptler script to be executed as build step

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

       

      SECURITY-366
      Scriptler Plugin executes any Scriptler scripts specified for the Scriptler build step in job configurations even though it is documented to only allow specific scripts to be included.
      Users can therefore POST config.xml or use a similar approach to submit a job configuration containing a script that is not available from the UI. Additionally, jobs configured through the UI will continue to run specified scripts even after they have been reconfigured to not allow this inclusion.

        Attachments

          Activity

          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: imod
          Path:
          src/main/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilder.java
          http://jenkins-ci.org/commit/scriptler-plugin/d1986c8814824b461bce4e51293776ed99721de9
          Log:
          JENKINS-44245 / SECURITY-366 make sure script is allowed to be run in a builder

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: imod Path: src/main/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilder.java http://jenkins-ci.org/commit/scriptler-plugin/d1986c8814824b461bce4e51293776ed99721de9 Log: JENKINS-44245 / SECURITY-366 make sure script is allowed to be run in a builder

            People

            • Assignee:
              imod Dominik Bartholdi
              Reporter:
              imod Dominik Bartholdi
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: