Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control or modify Contrast service API responses. Contrast Continuous Application Security Plugin 3.10 escapes the affected data.Read More
Jenkins Contrast Continuous Application Security Plugin vulnerable to stored Cross-site Scripting
