CVE-2019-1003042

A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt