In Jenkins 2.340 up to and including 2.355 (both inclusive) symbol-based icons unescape previously escaped values of 'tooltip' parameters, resulting in a cross-site scripting (XSS) vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins jenkins |