Описание
XSS vulnerability in Jenkins Subversion Partial Release Manager Plugin
Subversion Partial Release Manager Plugin 1.0.1 and earlier does not escape the error message for the repository URL field form validation.
This results in a reflected cross-site scripting (XSS) vulnerability that can also be exploited similar to a stored cross-site scripting vulnerability by users with Job/Configure permission.
Пакеты
Наименование
org.jenkins-ci.plugins:svn-partial-release-mgr
maven
Затронутые версииВерсия исправления
<= 1.0.1
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
больше 5 лет назад
Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier does not escape the error message for the repository URL field form validation, resulting in a reflected cross-site scripting vulnerability.