GHSA-WX66-PM7R-2Q82 Stored XSS vulnerability in Jenkins Extra Columns Plugin
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Additionally, a view containing such a job needs to be configured...