Woodpecker is a community branch of the Drone CI system. A cross-site scripting vulnerability exists in versions prior to Woodpecker 0.15.1, which stems from a missing escape in web/src/components/repo/build/BuildLog.vue. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
woodpecker woodpecker | lt | 0.15.1 |