Cross-site Scripting
Jenkins Compatibility Action Storage Plugin does not escape the content coming from the MongoDB in the testConnection form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.
Advisories for Maven/Org.jenkins-Ci.plugins/Compatibility-Action-Storage package
2020