CVE-2021-21666

Summary

Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Kiuwan Pluginunspecified <= 1.6.0affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References