Описание
Stored Cross-site Scripting vulnerability in Jenkins List Git Branches Parameter Plugin
Jenkins List Git Branches Parameter Plugin 0.0.9 and earlier does not escape the name of the 'List Git branches (and more)' parameter, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Пакеты
Наименование
org.jenkins-ci.plugins:list-git-branches-parameter
maven
Затронутые версииВерсия исправления
<= 0.0.9
Отсутствует
Связанные уязвимости
CVSS3: 5.4
nvd
почти 4 года назад
Jenkins List Git Branches Parameter Plugin 0.0.9 and earlier does not escape the name of the 'List Git branches (and more)' parameter, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.