RELEASED: Public: 2020-07-15
CloudBees Internal Ticket: [CTR-2018]
Fix stored XSS in Configure Global Security due to operations center Connection
A cross-site scripting (XSS) attack was possible in connected Masters by saving a malicious operations center URL in the global security configuration of connected Masters.
With this fix, the parameters causing the vulnerability are escaped.