Vulnerabilities > Jenkins > Cppcheck
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-02 | CVE-2023-28678 | Cross-site Scripting vulnerability in Jenkins Cppcheck 1.26 Jenkins Cppcheck Plugin 1.26 and earlier does not escape file names from Cppcheck report files before showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control report file contents. | 5.4 |