Jenkins Project Inheritance Plugin 21.04.03 and earlier does not escape the reason a build is blocked in tooltips, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to control the reason a queue item is blocked.
Refe…

Jenkins Plot Plugin 2.1.10 and earlier does not escape plot descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-3478…

JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results.
This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.
JUnit Plugin 1119.1121.vc43d0fc45561 app…

Since Jenkins 2.321 and LTS 2.332.1, the HTML output generated for new symbol-based SVG icons includes the title attribute of l:ionicon until Jenkins 2.334 and alt attribute of l:icon since Jenkins 2.335 without further escaping.
This vulnerability is …

Since Jenkins 2.340, symbol-based icons unescape previously escaped values of tooltip parameters.
This vulnerability is known to be exploitable by attackers with Job/Configure permission.
Jenkins 2.356, LTS 2.332.4 and LTS 2.346.1 addresses this vulner…

Since Jenkins 2.340, the tooltip of the build button in list views supports HTML without escaping the job display name.
This vulnerability is known to be exploitable by attackers with Job/Configure permission.
Jenkins 2.356 addresses this vulnerability…

Since Jenkins 2.320 and LTS 2.332.1, help icon tooltips no longer escape the feature name, effectively undoing the fix for SECURITY-1955.
This vulnerability is known to be exploitable by attackers with Job/Configure permission.
Jenkins 2.356, LTS 2.332…

Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of expressions with high nesting level that lead to StackOverFlow exception or high CPU and RAM usage. Exploiting this vulnerability results in Denial O…