Количество 2
Количество 2
CVE-2021-21619
Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins.
GHSA-48hr-jg4p-w4p4
XSS vulnerability in Jenkins Claim Plugin
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-21619 Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins. | CVSS3: 5.4 | 0% Низкий | почти 5 лет назад |
| GHSA-48hr-jg4p-w4p4 XSS vulnerability in Jenkins Claim Plugin | CVSS3: 5.4 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу