AWSEB Deployment Plugin 0.3.19 and earlier does not escape various values printed as part of form validation output.
This results in a reflected cross-site scripting (XSS) vulnerability.
AWSEB Deployment Plugin 0.3.20 escapes the values printed as part of the affected form validation endpoints.
{
"github_reviewed_at": "2022-12-20T17:39:43Z",
"nvd_published_at": "2020-04-07T13:15:00Z",
"github_reviewed": true,
"cwe_ids": [
"CWE-79"
],
"severity": "MODERATE"
}