Closed XmiliaH closed 5 years ago
@XmiliaH Thanks for the report! Fixed in https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20(1)
As you may have noticed, this issue tracker is not well monitored. In the future, please report issues as described on https://jenkins.io/security/#reporting-vulnerabilities
Would you like to be credited with this discovery in the security advisory, and if so, how?
The following script can read files, even with a DenyAll filter
Expected output:
RuntimeException: Denied
Output:[Super Secret]
Using groovy-3.0-alpha-4 & Java 1.8