Every CVE whose affected-product data names Jenkins Extra Columns, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2016-3101 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web…
CVE-2021-21630 — CVSS 5.4 (medium): Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored…