Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in io.jenkins.plugins:folder-auth.
Advisories for Maven/Io.jenkins.plugins/Folder-Auth package
2022
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Jenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not escape the names of roles shown on the configuration form, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.