Количество 2
Количество 2
CVE-2019-10336
A reflected cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.6 and earlier allowed attackers able to control the output of the ElectricFlow API to inject arbitrary HTML and JavaScript in job configuration forms containing post-build steps provided by this plugin.
GHSA-w3pj-v9jr-v2wc
Jenkins ElectricFlow Plugin is vulnerable to reflected cross site scripting vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-10336 A reflected cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.6 and earlier allowed attackers able to control the output of the ElectricFlow API to inject arbitrary HTML and JavaScript in job configuration forms containing post-build steps provided by this plugin. | CVSS3: 6.1 | 0% Низкий | больше 6 лет назад |
| GHSA-w3pj-v9jr-v2wc Jenkins ElectricFlow Plugin is vulnerable to reflected cross site scripting vulnerability | CVSS3: 4.7 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу