Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.5.1 for Jenkins allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Jenkins
XSS
Build Failure Analyzer
NVD
CVSS 2.0
3.5
EPSS
0.2%