Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.16.0 in Jenkins allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer(Maven) | 0 | 1.16.0 | N/A |
CVSS Metrics
