Jenkins Update
1877Warning Date
Severity Level
Warning Number
Target Sector
26 May, 2021
● High
2021-2957
All
Description:
Jenkins has released a security update to address a vulnerability in the following product:
- Filesystem Trigger Plugin up to and including 0.40
- Markdown Formatter Plugin up to and including 0.1.0
- Nuget Plugin up to and including 1.0
- URLTrigger Plugin up to and including 0.48
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Cross-site scripting (XSS)
Best practice and Recommendations:
The CERT team encourages users to review Jenkins security advisory and apply the necessary update: