Vulnerabilities > Jenkins > Build With Parameters

DATE CVE VULNERABILITY TITLE RISK
2021-03-30 CVE-2021-21629 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Build With Parameters
A cross-site request forgery (CSRF) vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier allows attackers to build a project with attacker-specified parameters.
network
low complexity
jenkins CWE-352
8.8
2021-03-30 CVE-2021-21628 Cross-site Scripting vulnerability in Jenkins Build With Parameters
Jenkins Build With Parameters Plugin 1.5 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
network
low complexity
jenkins CWE-79
5.4