Back to search
CVE-2023-25761
Published: Feb 15, 2023
Modified: Mar 19, 2025
PUBLISHED
Description
Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin.
| Vendor | Product | Versions |
|---|---|---|
Jenkins Project | Jenkins JUnit Plugin | affected unspecified - <= 1166.va_436e268e972unaffected 1119.1124.va_a_8ccde5658f |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now