Launchpad.net

CVE 2022-29947

Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping.

See the CVE page on Mitre.org for more details.