GHSA-j923-26c2-qq9p
GitHub Security Advisory
Jenkins BART Plugin vulnerable to cross-site scripting (XSS)
✓ GitHub Reviewed
HIGH
Has CVE
Advisory Details
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability. Currently, there are no known workarounds or patches available.
Affected Packages
Maven
org.jenkins-ci.plugins:bart
Affected versions: 0 (last affected: 1.0.3)
Related CVEs
Key Information
7.5/10
Dataset
Last updated: August 25, 2025 6:33 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.