Community
Participate
Working Groups
Created attachment 254905 [details] Hudson 2.2.0 HTML Tag Injection Vulnerability Hudson URL was detected as vulnerable to HTML Tag Injection according to a HP Fortify security scan conducted recently. Please see attached results.
Are there any updates regarding this issue? Thanks
Hi Jeff, we no longer support v2.2.0. The last 2.x release was almost 5 years ago. Hudson 3.3.0 is the latest release and it has gone through rigorous security testing. The one you reported is fixed in Hudson 3.x