Описание
Reflected cross-site-scripting vulnerability in report URL of Jenkins CppNCSS Plugin
A cross-site scripting vulnerability exists in Jenkins CppNCSS Plugin 1.1 and earlier in AbstractProjectAction/index.jelly that allow an attacker to craft links to Jenkins URLs that run arbitrary JavaScript in the user's browser when accessed.
Пакеты
Наименование
org.jenkins-ci.plugins:cppncss
maven
Затронутые версииВерсия исправления
<= 1.1
1.2
Связанные уязвимости
CVSS3: 6.1
nvd
почти 8 лет назад
A cross-site scripting vulnerability exists in Jenkins CppNCSS Plugin 1.1 and earlier in AbstractProjectAction/index.jelly that allow an attacker to craft links to Jenkins URLs that run arbitrary JavaScript in the user's browser when accessed.