5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.0%
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape button labels in the Jenkins UI, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with the ability to control button labels.
www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2035