CVE-2021-21666 – Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error messa …

Vuln ID: CVE-2021-21666

Published:  2021-06-10  15:15:09Z

Description: Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.

Source: NVD.NIST.GOV