Cross-site Scripting (XSS)

Overview org.jenkins-ci.plugins:buildgraph-view is a plugin that computes a graph of related builds starting from the current one, and render it as a graph. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to not escaping the build URL.This results in a stored...

PT-2026-44020

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or views...

GHSA-4J4G-FP93-QVRW Jenkins buildgraph-view Plugin vulnerable to stored Cross-site Scripting

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored cross-site scripting vulnerability exploitable by users able to change build descriptions...

CVE-2019-16562

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions...

CVE-2019-16562

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions...

CVE-2019-16562

CVE-2019-16562 affects Jenkins buildgraph-view Plugin versions 1.8 and earlier. The vulnerability is a stored XSS where descriptions of builds are not escaped in the plugin’s view, exploitable by users who can modify build descriptions. Public references corroborate the issue across Red Hat, GitH...

PT-2019-14717 · Jenkins · Jenkins Buildgraph-View Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins buildgraph-view Plugin versions 1.8 and earlier Description: The issue results in a stored cross-site scripting vulnerability. It occurs because the plugin does not escape the description of builds shown in its view. This makes it...