CVE-2022-34783

Name of the Vulnerable Software and Affected Versions Jenkins Plot Plugin versions 2.1.10 and earlier

Description The issue is related to a stored cross-site scripting (XSS) vulnerability. It occurs because plot descriptions are not properly escaped, allowing attackers with Item/Configure permission to exploit this weakness.

Recommendations For Jenkins Plot Plugin versions 2.1.10 and earlier, update to a version later than 2.1.10 to resolve the issue. As a temporary workaround, consider restricting access to the plot descriptions feature to minimize the risk of exploitation.