Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-39151HistoryJul 26, 2023 - 2:15 p.m.
CVE-2023-39151
2023-07-2614:15:10
Alpine Linux Development Team
security.alpinelinux.org
2
jenkins
lts
stored xss
vulnerability
build logs
urls
hyperlinks
unix
0.001 Low
EPSS
Percentile
41.0%
Jenkins 2.415 and earlier, LTS 2.401.2 and earlier does not sanitize or properly encode URLs in build logs when transforming them into hyperlinks, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control build log contents.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.18-community | noarch | jenkins | = 2.387.3-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | jenkins | = 2.414.3-r0 | UNKNOWN |
Related
cvelist
cvelist
CVE-2023-39151
2023-07-26 13:54:52
osv
osv
Jenkins Stored Cross-site Scripting vulnerability
2023-07-26 15:30:57
BIT-jenkins-2023-39151
2024-03-06 10:55:13
CVE-2023-39151
2023-07-26 14:15:10
nessus
nessus
nvd
nvd
CVE-2023-39151
2023-07-26 14:15:10
prion
prion
Cross site scripting
2023-07-26 14:15:00
redhatcve
redhatcve
CVE-2023-39151
2023-07-27 06:47:55
veracode
veracode
Cross-site Scripting (XSS)
2023-07-28 02:45:44
freebsd
freebsd
jenkins -- Stored XSS vulnerability
2023-07-26 00:00:00
cve
cve
CVE-2023-39151
2023-07-26 14:15:10
github
github
Jenkins Stored Cross-site Scripting vulnerability
2023-07-26 15:30:57
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00