CVE-2017-1000107

Name of the Vulnerable Software and Affected Versions Script Security Plugin (affected versions not specified)

Description The issue concerns the Script Security Plugin, which failed to apply sandboxing restrictions to certain invocations, including constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could allow the invocation of arbitrary constructors and methods, effectively bypassing sandbox protection.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.