CVE-2019-16564

Summary

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Pipeline Aggregator View Pluginunspecified <= 1.8affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References