GHSA-9523-474x-5h36
GitHub Security Advisory
Cross site scripting in Jenkins Mission Control Plugin
✓ GitHub Reviewed
MODERATE
Has CVE
Advisory Details
Jenkins Mission Control Plugin 0.9.16 and earlier does not escape job display names and build names shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to change these properties.
Affected Packages
Maven
tech.andrey.jenkins:mission-control-view
Affected versions:
0
(last affected: 0.9.16)
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: August 27, 2025 6:31 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.