It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| cprice404:pipeline-classpath(Maven) | N/A | N/A | N/A |
CVSS Metrics
