Jenkins Generic Webhook Trigger Plugin跨站脚本漏洞

Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.A cross-site scripting vulnerability exists in Jenkins Generic Webhook Trigger Plugin 1.81 and earlier versions, which stems from the plugin’s lack of data validation filtering of user-supplied data and output. An attacker could use this vulnerability to obtain an administrator cookie.