Jenkins Nested View Plugin 1.20 through 1.25 (both inclusive) does not escape search parameters, resulting in a reflected cross-site scripting (XSS)...
6.1CVSS
5.9AI Score
0.001EPSS
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE)...
7.1CVSS
7AI Score
0.001EPSS