## https://sploitus.com/exploit?id=CNVD-2022-49954
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plug-ins to support building, deploying, and automating any project. Jenkins Plugin is a cross-site scripting vulnerability in Jenkins Random String Parameter Plugin 1.0 and earlier, which stems from a program that does not properly escape the name and description of a random string parameter in the view that displays the parameter The vulnerability is caused by the program not properly escaping the name and description of the random string parameter in the view where the parameter is displayed. An attacker could exploit this vulnerability to perform cross-site scripting attacks.