[JIRA] (JENKINS-16722) New users in people list after security scan

[adam.mur...@redgiantmobile.com (JIRA)]

Adam Murphy created JENKINS-16722 New users in people list after security scan Issue Type: Bug Assignee: Unassigned Attachments: Screen Shot 2013-02-07 at 4.37.15 PM.png Components: core Created: 08/Feb/13 10:50 PM Description: After running a security scan of our instance of Jenkins there were users in the people list that should not be there. We can recreate the issue but are unable to collect information pertinent to pointing exactly to how the users ended up in the system. We're willing to provide additional information with guidance from the project. This may be an issue of security since each of those people are assigned an API key. If there was a way to obtain the API key then the method by which the scanner was able to create the users in the people list could eventually lead to access. Project: Jenkins Priority: Major Reporter: Adam Murphy

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira

--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.