GHSA-wrr5-p265-7252, CVE-2019-10325
maven/io.jenkins.plugins/warnings-ng
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages.
All versions up to 5.0.0
Upgrade to version 5.1.0 or above.
2024-01-31
source |