Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Rundeck Plugin 3.6.10 and earlier versions have a cross-site scripting vulnerability that stems from a program that does not properly restrict the URL scheme in Rundeck webhook URL scheme in submissions. An attacker could exploit this vulnerability to submit a specially crafted Rundeck webhook payload.