CVE-2018-1000177
CVE-2018-1000177 affects Jenkins S3 Plugin 0.10.12 and older. The vulnerability arises in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly where file names displayed in the UI can be controlled by an attacker, allowing JavaScript to be executed in a user’s browser durin...