CVE-2023-28678
Description
Jenkins Cppcheck Plugin 1.26 and earlier does not escape file names from Cppcheck report files before showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control report file contents.
Related CPE's
Could not find any relations
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics