Cross-site Scripting
Jenkins ECharts API Plugin does not escape the parser identifier when rendering charts, resulting in a stored cross-site scripting vulnerability.
Advisories for Maven/Io.jenkins.plugins/Echarts-Api package
2020
Cross-site Scripting
Jenkins ECharts API Plugin does not escape the display name of the builds in the trend chart, resulting in a stored cross-site scripting vulnerability.