Description
Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.16.0 in Jenkins allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
Remediation
References
https://jenkins.io/security/advisory/2016-06-20/
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20
Related Vulnerabilities
CVE-2023-39685 Vulnerability in maven package org.hjson:hjson
CVE-2022-41934 Vulnerability in maven package org.xwiki.platform:xwiki-platform-menu-ui
CVE-2023-46652 Vulnerability in maven package org.jenkins-ci.plugins:lambdatest-automation
CVE-2017-11479 Vulnerability in npm package kibana
CVE-2023-37913 Vulnerability in maven package org.xwiki.platform:xwiki-platform-office-importer