CVE-2023-33007

Publication date

2023-05-16 16:00:22

Family

jenkins

State

PUBLISHED

Description

Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.