CVE-2018-1000108: Cross-site Scripting
(updated )
A cross-site scripting vulnerability exists in the Jenkins CppNCSS Plugin that allows an attacker to craft links to Jenkins URLs that run arbitrary JavaScript in the user’s browser when accessed.
References
Detect and mitigate CVE-2018-1000108 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →