myjenkins: Some installed plugins have security issues
Closed this issue · 2 comments
gmacario commented
gmacario commented
From https://wiki.jenkins-ci.org/display/JENKINS/Scriptler+Plugin
Older versions of this plugin may not be safe to use.
Please review the following warnings before using an older version:
- Persistent cross-site scripting vulnerability
- Any user can add Scriptler scripts to build configurations
- Any Scriptler script can be executed as part of builds
- Cross-site request forgery vulnerabilities in Scriptler script management
- Arbitrary code execution vulnerability in rare circumstances
From https://wiki.jenkins-ci.org/display/JENKINS/Build+Flow+Plugin
Deprecated: Users should migrate to https://wiki.jenkins-ci.org/display/JENKINS/Pipeline+Plugin