2 matches found
CVE-2021-21660
Jenkins Markdown Formatter Plugin 0.1.0 and earlier does not sanitize crafted link target URLs, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to edit any description rendered using the configured markup formatter...
CVE-2021-21660
The CVE-2021-21660 entry concerns Jenkins Markdown Formatter Plugin versions 0.1.0 and earlier. The vulnerability arises because the plugin does not sanitize crafted link target URLs, causing a stored cross-site scripting (XSS) flaw. Exploitation requires the attacker to have the ability to edit ...