Share
## https://sploitus.com/exploit?id=CNVD-2022-49955
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exists in Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier, which stems from the program's failure to properly escape the name and description of an upgrade level parameter in the The vulnerability is caused by the program not properly escaping the name and description of the upgrade level parameter in the view of the displayed parameter. An attacker could exploit this vulnerability to perform cross-site scripting attacks.