Количество 2
Количество 2
CVE-2023-28679
Jenkins Mashup Portlets Plugin 1.1.2 and earlier provides the "Generic JS Portlet" feature that lets a user populate a portlet using a custom JavaScript expression, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by authenticated attackers with Overall/Read permission.
GHSA-h9h3-jx58-6hqq
Jenkins Mashup Portlets Plugin vulnerable to stored cross-site scripting
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-28679 Jenkins Mashup Portlets Plugin 1.1.2 and earlier provides the "Generic JS Portlet" feature that lets a user populate a portlet using a custom JavaScript expression, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by authenticated attackers with Overall/Read permission. | CVSS3: 5.4 | 6% Низкий | почти 3 года назад |
| GHSA-h9h3-jx58-6hqq Jenkins Mashup Portlets Plugin vulnerable to stored cross-site scripting | CVSS3: 8 | 6% Низкий | почти 3 года назад |
Уязвимостей на страницу