PT-2019-11796 · Cloudbees +1 · Jenkins
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.196 and earlier Jenkins LTS versions 2.176.3 and earlier Description: The issue allows for a stored XSS vulnerability due to the f:combobox form control interpreting its item labels as HTML. This can be exploited by users w...