Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-1000109

Опубликовано: 05 окт. 2017
Источник: nvd
CVSS3: 6.1
CVSS2: 4.3
EPSS Низкий

Описание

The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:jenkins:owasp_dependency-check:1.0.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.1.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.4:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.4.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.5:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.7:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.8:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.0:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.4:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.4.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.0:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.3.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.3.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.4:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.5:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.6:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.7:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.7.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.8:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.9:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.10:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.11:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.2.11.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.3.0:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.3.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.3.1.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.3.1.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.3.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.3.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.3.4:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.3.5:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.3.6:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.4.0:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.4.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.4.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.4.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.4.4:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.4.5:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:2.0.0:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:2.0.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:2.0.1.1:*:*:*:*:jenkins:*:*

EPSS

Процентиль: 17%
0.00054
Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

github логотип

GHSA-65cq-whr4-7c2v

CVSS3: 6.1
github
больше 3 лет назад

Persistent XSS vulnerability in Jenkins OWASP Dependency-Check Plugin

EPSS

Процентиль: 17%
0.00054
Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79