Vulnerability
|
Host |
IP |
Port |
201701 |
201702 |
201703 |
201704 |
201705 |
201706 |
201707 |
Jenkins JDK / Ant Tools Job Configuration Stored XSS Vulnerability (SECURITY-624) |
<redacted> |
<redacted> |
TCP:8080 |
NO |
NO |
NO |
NO |
NO |
NO |
NO |
--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/58bf582a-a106-4f95-966a-07642c16e11c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Mark Waite
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/58bf582a-a106-4f95-966a-07642c16e11c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to a topic in the Google Groups "Jenkins Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/jenkinsci-users/fKY3_xmAPkk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to jenkinsci-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CAO49JtH_8yxLHf2umcysCn1Wn7N248jMSyDXa-ybz%3D0fA6fBaw%40mail.gmail.com.
Sorry Mark, not sure if you see "SECURITY-624" in the Table I posted. Here's the Jenkins Security Advisory:But then the Jenkins change log shows that with version 2.107, this was addressed (more than just a work around): https://jenkins.io/changelog/. We are at 2.107.1, but the scan is still tagging us on this issue.
Thanks,Eric
Mark Waite
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/58bf582a-a106-4f95-966a-07642c16e11c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to a topic in the Google Groups "Jenkins Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/jenkinsci-users/fKY3_xmAPkk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CAO49JtH_8yxLHf2umcysCn1Wn7N248jMSyDXa-ybz%3D0fA6fBaw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CAByBicY5ssbsUW9QVUiKsRuqRKvc0LT8UapxRghJDo-5TOx%2B-Q%40mail.gmail.com.
Mark Waite
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/58bf582a-a106-4f95-966a-07642c16e11c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to a topic in the Google Groups "Jenkins Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/jenkinsci-users/fKY3_xmAPkk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to jenkinsci-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CAO49JtH_8yxLHf2umcysCn1Wn7N248jMSyDXa-ybz%3D0fA6fBaw%40mail.gmail.com.
--
You received this message because you are subscribed to a topic in the Google Groups "Jenkins Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/jenkinsci-users/fKY3_xmAPkk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to jenkinsci-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/6C4A6238-491C-4F1F-9B47-28D051532931%40beckweb.net.