Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names.
CPE | Name | Operator | Version |
---|---|---|---|
pipeline_aggregator_view | le | 1.8 |