Maven package
org.jenkins-ci.plugins/jacoco
pkg:maven/org.jenkins-ci.plugins/jacoco
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-28669 | — | < 3.3.2.1 | 3.3.2.1 | Mar 23, 2023 | Jenkins JaCoCo Plugin 3.3.2 and earlier does not escape class and method names shown on the UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control input files for the 'Record JaCoCo coverage report' post-build action. |
- CVE-2023-28669Mar 23, 2023affected < 3.3.2.1fixed 3.3.2.1
Jenkins JaCoCo Plugin 3.3.2 and earlier does not escape class and method names shown on the UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control input files for the 'Record JaCoCo coverage report' post-build action.