Описание
Stored XSS vulnerability in Jenkins TAP Plugin
Jenkins TAP Plugin 2.3 and earlier does not escape TAP file contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control TAP file contents.
Пакеты
Наименование
org.tap4j:tap
maven
Затронутые версииВерсия исправления
<= 2.3
Отсутствует
Связанные уязвимости
CVSS3: 5.4
nvd
больше 2 лет назад
Jenkins TAP Plugin 2.3 and earlier does not escape TAP file contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control TAP file contents.