CVE-2026-42524
Vulnerability Description
Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Vulnerability Details
Published Date
Last Modified
Source
NVD
Vendor
Jenkins Project
Product
Jenkins HTML Publisher Plugin
Discussion (0)
Add Comment
No comments yet. Be the first!