Описание
Jenkins Pipeline Aggregator View Plugin stored XSS vulnerability
Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names.
Пакеты
Наименование
com.paul8620.jenkins.plugins:pipeline-aggregator-view
maven
Затронутые версииВерсия исправления
< 1.9
1.9
Связанные уязвимости
CVSS3: 5.4
nvd
около 6 лет назад
Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names.