Описание
Reflected XSS vulnerability in Jenkins AWSEB Deployment Plugin
AWSEB Deployment Plugin 0.3.19 and earlier does not escape various values printed as part of form validation output.
This results in a reflected cross-site scripting (XSS) vulnerability.
AWSEB Deployment Plugin 0.3.20 escapes the values printed as part of the affected form validation endpoints.
Пакеты
Наименование
br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin
maven
Затронутые версииВерсия исправления
<= 0.3.19
0.3.20
Связанные уязвимости
CVSS3: 6.1
nvd
почти 6 лет назад
Jenkins AWSEB Deployment Plugin 0.3.19 and earlier does not escape various values printed as part of form validation output, resulting in a reflected cross-site scripting vulnerability.