Описание
Jenkins Wall Display Plugin Cross-site Scripting vulnerability
Wall Display Master Project Plugin does not properly escape the customTheme query parameter, resulting in a reflected cross-site scripting vulnerability.
As of publication of this advisory, there is no fix.
Пакеты
Наименование
org.jenkins-ci.plugins:jenkinswalldisplay
maven
Затронутые версииВерсия исправления
<= 0.6.34
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
больше 6 лет назад
A reflected cross-site scripting vulnerability in Jenkins Wall Display Plugin 0.6.34 and earlier allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin.