Looking for the vulnerability index of Invicti's legacy products?
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2026-53441 - Vulnerability Database

Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2026-53441

Medium
Reference: CVE-2026-53441
Title: Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Jenkins 2.483 through 2.567 (both inclusive) LTS 2.492.1 through 2.555.2 (both inclusive) does not escape the user-provided description of a generic offline cause that could be set through the POST config.xml API resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.