Описание
Stored Cross-site Scripting vulnerability in Jenkins Agent Server Parameter Plugin
Jenkins Agent Server Parameter Plugin 1.0 and earlier does not escape parameter names of agent server parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Пакеты
Наименование
io.jenkins.plugins:agent-server-parameter
maven
Затронутые версииВерсия исправления
< 1.1
1.1
Связанные уязвимости
CVSS3: 5.4
nvd
почти 4 года назад
Jenkins Agent Server Parameter Plugin 1.0 and earlier does not escape parameter names of agent server parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.