Jenkins Agent Server Parameter Plugin 1.0 and earlier does not escape parameter names of agent server parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| io.jenkins.plugins:agent-server-parameter(Maven) | 0 | 1.1 | N/A |
CVSS Metrics
