RELEASED: Public: 2020-07-15
Security fixes
-
CloudBees Internal Ticket: [CTR-1646]
-
Fix persistent XSS vulnerability in connected controllers
A cross-site scripting (XSS) attack was possible in connected controllers by saving a malicious connected controller display name in operations center.
With this fix, the JavaScript code was changed to prevent this vulnerability.