Vulnerabilities > Jenkins > Flaky Test Handler > 1.2.0

DATE CVE VULNERABILITY TITLE RISK
2023-08-16 CVE-2023-40342 Cross-site Scripting vulnerability in Jenkins Flaky Test Handler
Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control JUnit report file contents.
network
low complexity
jenkins CWE-79
5.4
5.4
2022-03-29 CVE-2022-28140 XXE vulnerability in Jenkins Flaky Test Handler
Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
network
low complexity
jenkins CWE-611
8.1
8.1