Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-2610

Опубликовано: 01 фев. 2017
Источник: redhat
CVSS3: 5.4
EPSS Низкий

Описание

jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping users with less-than and greater-than characters in their names (SECURITY-388).

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenShift Enterprise 2jenkinsUnder investigation
Red Hat OpenShift Enterprise 3jenkinsUnder investigation

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=1418727jenkins: Persisted cross-site scripting vulnerability in search suggestions (SECURITY-388)

EPSS

Процентиль: 19%
0.00061
Низкий

5.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-2610

CVSS3: 5.4
ubuntu
больше 7 лет назад

jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping users with less-than and greater-than characters in their names (SECURITY-388).

nvd логотип

CVE-2017-2610

CVSS3: 5.4
nvd
больше 7 лет назад

jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping users with less-than and greater-than characters in their names (SECURITY-388).

debian логотип

CVE-2017-2610

CVSS3: 5.4
debian
больше 7 лет назад

jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cros ...

github логотип

GHSA-jff5-55xj-4jcq

CVSS3: 5.4
github
больше 3 лет назад

Improper Neutralization of Input During Web Page Generation in Jenkins

EPSS

Процентиль: 19%
0.00061
Низкий

5.4 Medium

CVSS3