Operations Center Cluster Operations Plugin 2.204.2.111

1 minute read

Security fixes

  • CloudBees Internal Ticket: [CTR-1036]

  • Fix persistent XSS vulnerability in the List View (CTR-1036)

    The Operations Center Cluster Operations Plugin did not escape the click event on the Cluster Operation checkbox. This lapse resulted in a stored cross-site scripting vulnerability, exploitable by users with Overall/Administer permissions in Operations Center.

    The JavaScript code was changed to prevent this vulnerability.

New features

None

Resolved issues

None

Known issues

None