A bug affecting all previous versions of ScriptRunner for Bitbucket that presented a potential security vulnerability has been fixed in this release. The bug allowed the repository and project administrators to update the user information of other users, specifically in relation to avatars.
See the full list of features and fixes in our release notes for 8.12.0