Количество 2
Количество 2
CVE-2018-1000144
A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseAction#doDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these files to attack Jenkins users.
GHSA-q7jx-r75r-hgj2
Jenkins Cucumber Living Documentation Plugin Cross-site Scripting vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1000144 A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseAction#doDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these files to attack Jenkins users. | CVSS3: 6.1 | 0% Низкий | почти 8 лет назад |
| GHSA-q7jx-r75r-hgj2 Jenkins Cucumber Living Documentation Plugin Cross-site Scripting vulnerability | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу