Cross-site Scripting (XSS)

jenkins-core is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the addHyperlink function of AbstractMarkupText.java which does not properly escape the URLs before being rendered, allowing an attacker to inject and execute malicious JavaScript...