Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-9c2p-99pg-c4j9

Опубликовано: 17 мая 2022
Источник: github
Github: Прошло ревью
CVSS3: 5.4

Описание

Persistent XSS vulnerability in Static Analysis Utilities

The Details view of some Static Analysis Utilities based plugins, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to these plugins, for example the console output which is parsed to extract build warnings (Warnings Plugin), could insert arbitrary HTML into this view.

Ссылки

Пакеты

Наименование

org.jvnet.hudson.plugins:analysis-core

maven
Затронутые версииВерсия исправления

<= 1.91

1.92

EPSS

Процентиль: 15%
0.00049
Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2017-1000102

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2017-1000102

CVSS3: 5.4
nvd
больше 8 лет назад

The Details view of some Static Analysis Utilities based plugins, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to these plugins, for example the console output which is parsed to extract build warnings (Warnings Plugin), could insert arbitrary HTML into this view.

EPSS

Процентиль: 15%
0.00049
Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2017-1000102

Дефекты

CWE-79