Release plugin XSS vulnerability - alternatives?

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Release plugin XSS vulnerability - alternatives?

David Hearn



Jenkins is reporting that the Release plugin ( has a Stored XSS vulnerability ( meaning it may not be safe to use.  Given this plugin appears to have not been updated in 2 years, I’m not expecting any imminent security fixes.


Can anyone recommend any alternative plugins or methods to replicate what this plugin does?  Some of the particularly useful bits were input parameters for a release build – both dynamic and choices from a list, but I’m sure there’s other things which it made easier as well.





You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit