CVE-2018-1000108
Jenkins CppNCSS Plugin 1.1 and earlier is affected by a cross-site scripting (XSS) vulnerability in AbstractProjectAction/index.jelly. An attacker can craft links to Jenkins URLs that, when clicked by a user, execute arbitrary JavaScript in the user’s browser. The issue is documented across multi...