diff --git a/Jenkinsfile b/Jenkinsfile index 8cf91b8e..f0fe1395 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,6 +1,6 @@ buildPlugin(forkCount: '1C', configurations: [ [ platform: "linux", jdk: "11", jenkins: null ], [ platform: "windows", jdk: "11", jenkins: null ], - [ platform: "linux", jdk: "11", jenkins: "2.387.3" ], - [ platform: "windows", jdk: "11", jenkins: "2.387.3" ] + [ platform: "linux", jdk: "11", jenkins: "2.452.1" ], + [ platform: "windows", jdk: "11", jenkins: "2.452.1" ] ]) diff --git a/pom.xml b/pom.xml index 8d9de045..6a40151b 100644 --- a/pom.xml +++ b/pom.xml @@ -34,7 +34,7 @@ 999999-SNAPSHOT - 2.387.3 + 2.452.1 jenkinsci/${project.artifactId}-plugin 3.3.1 Max @@ -45,8 +45,8 @@ io.jenkins.tools.bom - bom-2.387.x - 2312.v91115fa_5b_2b_6 + bom-2.452.x + 3080.vfa_b_e4a_a_39b_44 import pom @@ -143,7 +143,6 @@ io.jenkins.plugins font-awesome-api - 6.4.0-2 io.jenkins.plugins diff --git a/src/test/java/hudson/plugins/claim/ClaimGroovyTest.java b/src/test/java/hudson/plugins/claim/ClaimGroovyTest.java index f0272207..a2f9d334 100644 --- a/src/test/java/hudson/plugins/claim/ClaimGroovyTest.java +++ b/src/test/java/hudson/plugins/claim/ClaimGroovyTest.java @@ -8,6 +8,7 @@ import jenkins.model.Jenkins; import net.sf.json.JSONObject; import org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript; +import org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval; import org.junit.Before; import org.junit.Rule; import org.junit.Test; 
@@ -18,14 +19,13 @@ import org.kohsuke.stapler.StaplerResponse; import java.io.ByteArrayInputStream; +import java.io.IOException; import java.lang.reflect.Field; import static junit.framework.TestCase.assertNull; import static junit.framework.TestCase.fail; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertEquals; import static org.hamcrest.MatcherAssert.assertThat; +import static org.junit.Assert.*; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; @@ -83,19 +83,26 @@ private void setUserCreationViaUrl(boolean value) { @Issue("JENKINS-43811") @Test public void userWithNoRunScriptsRightTest() throws Exception { - doConfigureScriptWithUser(ADMIN_WITH_NO_RUN_SCRIPT_RIGHTS); + doConfigureScriptWithUser(ADMIN_WITH_NO_RUN_SCRIPT_RIGHTS, false); assertNull(j.jenkins.getSystemMessage()); } @Issue("JENKINS-43811") @Test public void userWithRunScriptsRightTest() throws Exception { - doConfigureScriptWithUser(ADMIN_WITH_ALL_RIGHTS); + doConfigureScriptWithUser(ADMIN_WITH_ALL_RIGHTS, false); + assertNull(j.jenkins.getSystemMessage()); + } + + @Issue("SECURITY-3103") + @Test + public void userWithRunScriptsRightApprovedTest() throws Exception, IOException { + doConfigureScriptWithUser(ADMIN_WITH_ALL_RIGHTS, true); assertEquals("pwned", j.jenkins.getSystemMessage()); } - private void doConfigureScriptWithUser(String userName) - throws InterruptedException, java.util.concurrent.ExecutionException { + private void doConfigureScriptWithUser(String userName, boolean approve) + throws IOException, InterruptedException, java.util.concurrent.ExecutionException { try (ACLContext ctx = ACL.as(User.getOrCreateByIdOrFullName(userName))) { try { ClaimConfig config = (ClaimConfig) j.jenkins.getDescriptor(ClaimConfig.class); 
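Review bot: The new `import static org.junit.Assert.*;` replaces three explicit static imports with an on-demand import, which hides which assertions the test relies on. It also sits next to the single static imports of `assertNull` and `fail` from `junit.framework.TestCase`, which take precedence over the wildcard, so the file quietly mixes JUnit 3 and JUnit 4 assertion classes. I would keep explicit imports, for example `import static org.junit.Assert.assertEquals;`, listing only the assertions the file still calls.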
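Review bot: With `approve` set to `false`, `userWithNoRunScriptsRightTest` and `userWithRunScriptsRightTest` now assert the same outcome, `assertNull(j.jenkins.getSystemMessage())`, so the first no longer shows that the JENKINS-43811 permission check is what stops the script. An unapproved script would presumably leave the system message null for either user. Consider an assertion that differs between the two users, such as the state of `ScriptApproval.get().getPendingScripts()` after configuration, so a regression in the permission check is not masked by the approval gate. Separately, `throws Exception, IOException` on `userWithRunScriptsRightApprovedTest` is redundant, since `throws Exception` already covers it. The body of `doConfigureScriptWithUser` continues past the end of this hunk.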
@@ -106,6 +113,18 @@ private void doConfigureScriptWithUser(String userName) } } + if (approve) { + var scriptApproval = ScriptApproval.get(); + var pendingScripts = scriptApproval.getPendingScripts(); + assertEquals(1, pendingScripts.size()); + + for (ScriptApproval.PendingScript it : pendingScripts) { + scriptApproval.approveScript(it.getHash()); + } + pendingScripts = scriptApproval.getPendingScripts(); + assertEquals(0, pendingScripts.size()); + } + String configXml = " \n" + " \n" + " EXIT 1\n"
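Review bot: The `for` loop approves every entry returned by `getPendingScripts()` by hash, and `assertEquals(1, pendingScripts.size())` pins only the count, not that the pending entry is the script this test submitted. Judging by the two closing braces just above, the block also runs after the `ACL.as(...)` scope has closed, so approval happens under the harness identity rather than `userName`. A comment such as `// approve outside ACL.as(userName): approval is a separate administrator action, not done by the submitting user` would make that intent explicit. If `getPendingScripts()` returns the live collection rather than a copy, calling `approveScript` inside the loop modifies it during iteration, and iterating over a copy would avoid depending on that. The method starts outside this hunk.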