CVE-2017-1000386

Name of the Vulnerable Software and Affected Versions Jenkins Active Choices plugin versions 1.5.3 and earlier

Description The issue allows users with Job/Configure permission to insert arbitrary HTML, including JavaScript, into the 'Build With Parameters' page through the 'Active Choices Reactive Reference Parameter' type. To mitigate this, the Active Choices plugin now sanitizes the HTML if the script is executed in a sandbox. However, for unsandboxed scripts, which require administrator approval, it is the administrator's responsibility to manage potentially problematic script output.

Recommendations For Jenkins Active Choices plugin versions 1.5.3 and earlier, ensure that all scripts are executed in a sandbox to enable HTML sanitization. As a temporary workaround, consider restricting the use of the 'Active Choices Reactive Reference Parameter' type until a more permanent solution is applied. Administrators should carefully review and approve unsandboxed scripts to prevent the execution of arbitrary JavaScript.