A form validation endpoint in Jenkins Queue cleanup Plugin 1.3 and earlier does not properly escape a query parameter displayed in an error message, resulting in a reflected XSS vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
queue-cleanup-plugin | eq | queue-cleanup-1.3 | |
queue-cleanup-plugin | eq | queue-cleanup-1.0 | |
queue-cleanup-plugin | eq | queue-cleanup-1.2 |