Jenkins states that the plugin has a CVE where not escaping project names in 'build_now' results in a reflected cross-site scripting vulnerability. https://www.jenkins.io/security/advisory/2020-01-15/#SECURITY-1683
Jenkins states that the plugin has a CVE where not escaping project names in 'build_now' results in a reflected cross-site scripting vulnerability.
https://www.jenkins.io/security/advisory/2020-01-15/#SECURITY-1683