Jenkins · Jenkins Build Failure Analyzer Plugin · CVE-2013-6374
**Name of the Vulnerable Software and Affected Versions**
Jenkins Build Failure Analyzer plugin versions prior to 1.5.1
**Description**
A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML.
**Recommendations**
For versions prior to 1.5.1, update to version 1.5.1 or later to resolve the issue.