Ah, I see. Thank you. Hoping I can easily find the way to revert it via commits history. We're not worried about the security issue, just the functionality.
On Thursday, May 19, 2022 at 3:46:53 AM UTC-5 db...@cloudbees.com wrote: > On Wed, May 18, 2022 at 10:02 PM adam.l...@gmail.com <adam.l...@gmail.com> > wrote: > >> But the way I read that is as a warning: subject to CSRF problems, be >> warned. I don't see any indication that GET has been disabled. >> >> What am I not seeing? >> > > With publication of the advisory, we suspended distribution of the plugin > for a while until the issues were fixed in release 3.0. The fix for this > was to require POST, which Jenkins applies CSRF protection to. Advisories > are not updated when previously unresolved issues are fixed, so it > still says that as of publication, there is no fix. > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/0b6c4e02-3280-4646-a33b-c7a4511dfcb7n%40googlegroups.com.
