
GHSA-79rm-f26g-296p

GitHub Security Advisory

Jenkins Maven Release Plugin vulnerable to Cross-site Scripting

✓ GitHub Reviewed | Severity: MODERATE | Has CVE

Advisory Details

A stored cross-site scripting (XSS) vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier allowed attackers to inject arbitrary HTML and JavaScript into the plugin-provided web pages in Jenkins.

Variables on affected views are now escaped.

Affected Packages

Maven org.jenkins-ci.plugins.m2release:m2release
Affected versions: 0.14.0 and earlier (fixed in 0.15.0)

Related CVEs

Key Information

GHSA ID: GHSA-79rm-f26g-296p
Published: May 24, 2022 4:51 PM
Last Modified: October 26, 2023 4:25 PM
CVSS Score: 5.0/10
Primary Ecosystem: Maven
Primary Package: org.jenkins-ci.plugins.m2release:m2release
GitHub Reviewed: ✓ Yes

Dataset

Last updated: July 5, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.