I don't think one XSS vulnerability in a plugin with 26 installations is impactful enough to justify a suspension of the plugin.
Someone may always adopt the plugin to modernize it and mitigate the vulnerability. On Monday, 20 February 2023 at 19:30:37 UTC+1 [email protected] wrote: > 26 installs, xss warning and still targeting 1.x. It showed up when I > looked up plugins for "version" > and I was wondering why we are keeping it around? > > Gavin > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/d435b603-6d74-46cb-a2f1-274ff4361709n%40googlegroups.com.
