CVSS Score
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:bart | maven | <= 1.0.3 | |
The vulnerability stems from build log content being rendered without escaping. The key evidence is line 85 of `LogParserBuildAction.java`, where the output of `parser.print()` is joined directly into the message content. The advisory specifically mentions the lack of escaping before UI rendering, and the code shows raw log data being processed without sanitization (no use of HTML escaping functions such as Jenkins' SafeHtml or an equivalent), so this function is directly responsible for the XSS vulnerability.
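
The pattern described above, shown next to its hardened form. This is an added example, not the plugin's code: the class, the method names and the sample log lines are hypothetical, and the small escaper stands in for a Jenkins helper such as `hudson.Util.escape` so that the file runs without Jenkins on the classpath.

```java
import java.util.List;
import java.util.stream.Collectors;

// Added illustration; names are hypothetical and not taken from the plugin.
public class LogMessageEscaping {

    // Escapes the characters that are significant in HTML text and
    // quoted-attribute contexts. '&' is handled like any other character,
    // so already-escaped input is escaped again rather than trusted.
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Unsafe pattern: log lines are joined verbatim into markup, so any
    // tag that a build step writes to the log reaches the browser intact.
    static String renderRaw(List<String> logLines) {
        return String.join("<br>", logLines);
    }

    // Hardened pattern: every line is escaped before joining; the only
    // markup in the result is the separator the code itself adds.
    static String renderEscaped(List<String> logLines) {
        return logLines.stream()
                .map(LogMessageEscaping::escapeHtml)
                .collect(Collectors.joining("<br>"));
    }

    public static void main(String[] args) {
        // Constructed sample log; the second line carries markup.
        List<String> log = List.of(
                "[INFO] compiling module core",
                "[ERROR] step <script>alert(1)</script> failed & aborted");
        System.out.println("raw:     " + renderRaw(log));
        System.out.println("escaped: " + renderEscaped(log));
    }
}
```

Escaping belongs at the point where log text becomes part of HTML, because anything a build can write to its log is attacker-influenced input to the page that displays it.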