Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions.
CPE | Name | Operator | Version |
---|---|---|---|
buildgraph-view | le | 1.8 |