CVE-2025-53658

Publication date

2025-07-09 15:39:31

Family

jenkins

State

PUBLISHED

Description

Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not escape the Applitools URL on the build page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.