Product
jenkins html publisher
7 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-42524
CVE-2025-53651
CVE-2024-28151
CVE-2024-28150
CVE-2024-28149
CVE-2019-10432
CVE-2018-1000175
<= 427
Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored c
< 427
Jenkins HTML Publisher Plugin 425 and earlier displays log messages that include the absolute paths of files archived during the P
< 1.32.1
Jenkins HTML Publisher Plugin 1.32 and earlier archives invalid symbolic links in report directories on agents and recreates them
< 1.32.1
Jenkins HTML Publisher Plugin 1.32 and earlier does not escape job names, report names, and index page titles shown as part of the
>= 1.16 and < 1.32.1
Jenkins HTML Publisher Plugin 1.16 through 1.32 (both inclusive) does not properly sanitize input, allowing attackers with Item/Co
<= 1.20
Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, result
<= 1.15
A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows atta