๐Ÿ” CVE Alert

CVE-2026-53441

UNKNOWN 0.0
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Jenkins 2.483 through 2.567 (both inclusive), LTS 2.492.1 through 2.555.2 (both inclusive) does not escape the user-provided description of a generic offline cause that could be set through the `POST config.xml` API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.

Vendor jenkins project
Product jenkins
Ecosystems
Industries
Technology
Published Jun 10, 2026
Stay Ahead of the Next One

Get instant alerts for jenkins project jenkins

Be the first to know when new unknown vulnerabilities affecting jenkins project jenkins are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Jenkins Project / Jenkins
All versions affected

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
jenkins.io: https://www.jenkins.io/security/advisory/2026-06-10/#SECURITY-3731