Vulnerabilities > Jenkins > Embeddable Build Status > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-34178 Cross-site Scripting vulnerability in Jenkins Embeddable Build Status 2.0.3
Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a 'link' query parameter that build status badges will link to, without restricting possible values, resulting in a reflected cross-site scripting (XSS) vulnerability.
network
low complexity
jenkins CWE-79
6.1
2019-07-11 CVE-2019-10346 Cross-site Scripting vulnerability in Jenkins Embeddable Build Status
A reflected cross site scripting vulnerability in Jenkins Embeddable Build Status Plugin 2.0.1 and earlier allowed attackers inject arbitrary HTML and JavaScript into the response of this plugin.
network
low complexity
jenkins CWE-79
6.1