Jenkins: >> Simple Queue >> 1.1 Security Vulnerabilities
A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-04-02
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Create permission.
CVSS Score
8.0
EPSS Score
0.014
Published
2024-11-27