Описание
Cross-site Scripting in Jenkins Rebuilder Plugin
A cross-site scripting vulnerability exists in Jenkins Rebuilder Plugin 1.28 and earlier in
that allows users with Job/Configuration permission to insert arbitrary HTML into rebuild forms.
Пакеты
com.sonyericsson.hudson.plugins.rebuild:rebuild
< 1.29
1.29
Связанные уязвимости
A cross-site scripting vulnerability exists in Jenkins Rebuilder Plugin 1.28 and earlier in RebuildAction/BooleanParameterValue.jelly, RebuildAction/ExtendedChoiceParameterValue.jelly, RebuildAction/FileParameterValue.jelly, RebuildAction/LabelParameterValue.jelly, RebuildAction/ListSubversionTagsParameterValue.jelly, RebuildAction/MavenMetadataParameterValue.jelly, RebuildAction/NodeParameterValue.jelly, RebuildAction/PasswordParameterValue.jelly, RebuildAction/RandomStringParameterValue.jelly, RebuildAction/RunParameterValue.jelly, RebuildAction/StringParameterValue.jelly, RebuildAction/TextParameterValue.jelly, RebuildAction/ValidatingStringParameterValue.jelly that allows users with Job/Configuration permission to insert arbitrary HTML into rebuild forms.