Jenkins: >> Nested View >> 1.20 Security Vulnerabilities
Jenkins Nested View Plugin 1.20 through 1.25 (both inclusive) does not escape search parameters, resulting in a reflected cross-site scripting (XSS) vulnerability.
CVSS Score
6.1
EPSS Score
0.012
Published
2022-06-23
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks.
CVSS Score
7.1
EPSS Score
0.024
Published
2021-08-31