CVE-2019-10410: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
(updated )
Jenkins Log Parser Plugin 2.0 and earlier does not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules.
References
Detect and mitigate CVE-2019-10410 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →