2 matches found
com.cloudbees.plugins:build-flow-plugin (>=0.10 <=0.11.1), org.jenkins-ci.plugins:build-flow-extensions-plugin (=0.1.1) potentially affected by CVE-2026-48927 via org.jenkins-ci.plugins:buildgraph-view (=1.0)
org.jenkins-ci.plugins:buildgraph-view MAVEN version =1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:buildgraph-view and may be impacted: - com.cloudbees.plugins:build-flow-plugin =0.10, =0.11.1 -...
CVE-2026-48927
CVE-2026-48927 affects the Jenkins plugin buildgraph-view up to version 1.8. The issue is that the plugin does not escape the build URL, leading to a stored cross-site scripting (XSS) vulnerability when a user with permission can configure jobs or views. According to the sources, this vulnerabili...