CVE-2022-43435

Jenkins 360 FireLine Plugin 1.7.2 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt