Vulnerabilities > Jenkins > Contrast Continuous Application Security > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-19 | CVE-2022-43420 | Cross-site Scripting vulnerability in Jenkins Contrast Continuous Application Security Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control or modify Contrast service API responses. | 5.4 |