CVE-2019-10376

Опубликовано: 07 авг. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

A reflected cross-site scripting vulnerability in Jenkins Wall Display Plugin 0.6.34 and earlier allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin.

Ссылки

http://www.openwall.com/lists/oss-security/2019/08/07/1
Mailing List
Third Party Advisory
https://jenkins.io/security/advisory/2019-08-07/#SECURITY-751
Vendor Advisory
http://www.openwall.com/lists/oss-security/2019/08/07/1
Mailing List
Third Party Advisory
https://jenkins.io/security/advisory/2019-08-07/#SECURITY-751
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jenkins:wall_display:*:*:*:*:*:jenkins:*:*

Версия до 0.6.34 (включая)

EPSS

Процентиль: 30%

0.00113

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-hc34-f55m-rh3m