Operations Center Server Cluster Operations

1 minute read

RELEASED: Public: 2020-03-25

Security fixes

  • CloudBees Internal Ticket: [CTR-1036]

  • Fix persistent XSS vulnerability in the List View

    The Operations Center Cluster Operations Plugin did not escape the click event on the Cluster Operation checkbox. This lapse resulted in a stored cross-site scripting vulnerability, exploitable by users with Overall/Administer permissions in Operations Center.

    The JavaScript code was changed to prevent this vulnerability.

New features


Resolved issues


Known issues


Upgrade notes