Vulnerabilities > Jenkins > Embeddable Build Status > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-23 | CVE-2022-34178 | Cross-site Scripting vulnerability in Jenkins Embeddable Build Status 2.0.3 Jenkins Embeddable Build Status Plugin 2.0.3 allows specifying a 'link' query parameter that build status badges will link to, without restricting possible values, resulting in a reflected cross-site scripting (XSS) vulnerability. | 6.1 |
| 2019-07-11 | CVE-2019-10346 | Cross-site Scripting vulnerability in Jenkins Embeddable Build Status A reflected cross site scripting vulnerability in Jenkins Embeddable Build Status Plugin 2.0.1 and earlier allowed attackers inject arbitrary HTML and JavaScript into the response of this plugin. | 6.1 |