Build Failure Analyzer Security Vulnerabilities and Issues — Build Failure Analyzer CVE List

Lucene search

JenkinsBuild Failure Analyzer

2 matches found

CVE•added 2020/09/01 2:15 p.m.•57 views

CVE-2020-2244

Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indications.

5.4CVSS5.3AI score0.00171EPSS

CVE•added 2023/09/20 5:15 p.m.•46 views

CVE-2023-43499

Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or update Failure Causes.

5.4CVSS5.2AI score0.03536EPSS