Cross-Site Request Forgery in Jenkins Credentials Plugin

Jenkins Credentials Plugin prior to 2.3.19, 2.3.15.1, 2.3.14.1, 2.3.13.1, 2.3.7.1, and 2.3.0.1 does not escape user-controlled information on a view it provides, resulting in a reflected cross-site scripting XSS vulnerability. Jenkins Credentials Plugin 2.3.19, 2.3.15.1, 2.3.14.1, 2.3.13.1,...

CVE-2021-21648

The reflected cross-site scripting XSS vulnerability was found in jenkins credentials plugin. On a view it there is no escape from provided by user information user-controlled...