CVE-2019-1003014
CVE-2019-1003014 covers a cross-site scripting vulnerability in Jenkins Config File Provider Plugin (versions 3.4.1 and earlier). The issue resides in src/main/resources/lib/configfiles/configfiles.jelly, enabling attackers who have permission to define shared configuration files to execute arbit...