Описание
Subversion Plugin stored XSS vulnerability
Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability. Subversion Plugin 2.13.1 escapes the affected part of the error message.
Пакеты
Наименование
org.jenkins-ci.plugins:subversion
maven
Затронутые версииВерсия исправления
< 2.13.1
2.13.1
Связанные уязвимости
CVSS3: 5.4
redhat
почти 6 лет назад
Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.
CVSS3: 5.4
nvd
почти 6 лет назад
Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.