1 results (0.001 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability. Jenkins BART Plugin 1.0.3 y versiones anteriores no escapan del contenido analizado de los registros de compilación antes de representarlos en la interfaz de usuario de Jenkins, lo que genera una vulnerabilidad de Cross-Site Scripting (XSS) almacenada. • http://www.openwall.com/lists/oss-security/2022/11/15/4 https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2802 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •