Oct 19, 2022 · Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be ...
Feb 15, 2023 · This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.
Security for in-process scripting is provided by two different mechanisms: the Groovy Sandbox and Script Approval. The first, the Groovy Sandbox, is enabled by ...
Missing: web | Show results with:web
Nov 21, 2019 · This allowed attackers able to specify and run sandboxed scripts to execute arbitrary code in the context of the Jenkins controller JVM. These ...
In limited testing, it was necessary to at least allow style-src 'unsafe-inline' . Depending on the site's content, more relaxed rules may be necessary. sandbox ...
Sep 7, 2021 · Allows Jenkins administrators to control what in-process scripts can be run by less-privileged users. Plugin Information.
Missing: /search | Show results with:/search
Mar 29, 2024 · The Active Choices plugin is used in parametrized freestyle Jenkins jobs to create scripted, dynamic and interactive job parameters.
Missing: /search | Show results with:/search
Feb 15, 2023 · 1. Configure Splunk Server · Enter Hostname, Port, and Token · Check "Raw Events Supported" if you are using Splunk version 6.3. · SSL is enabled ...
Missing: web | Show results with:web
Aug 7, 2019 · Description: Configuration as Code Plugin logs the changes it applies to the Jenkins system log. Secrets such as passwords should be masked ( ...
Sep 22, 2020 · ... Security-Policy" header with secure policies; Download the relevant security patch for your web server or web application. Remove business ...
Missing: /search | Show results with:/search