Описание
Jenkins Matrix Reloaded Plugin vulnerable to Stored XSS
Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.
Пакеты
Наименование
net.praqma:matrix-reloaded
maven
Затронутые версииВерсия исправления
<= 1.1.3
Отсутствует
Связанные уязвимости
CVSS3: 5.4
nvd
больше 3 лет назад
Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.