Vulnerabilities > Jenkins > Cppcheck

DATE CVE VULNERABILITY TITLE RISK
2023-04-02 CVE-2023-28678 Cross-site Scripting vulnerability in Jenkins Cppcheck 1.26
Jenkins Cppcheck Plugin 1.26 and earlier does not escape file names from Cppcheck report files before showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control report file contents.
network
low complexity
jenkins CWE-79
5.4