Jenkins 2.93 allows authenticated admins to conduct XSS attacks via crafted tool names in job configuratio
Reporter | Title | Published | Views | Family All 12 |
---|---|---|---|---|
RedhatCVE | CVE-2017-17383 | 11 Dec 201716:49 | – | redhatcve |
OpenVAS | Jenkins 'CVE-2017-17383' XSS Vulnerability - Linux | 7 Dec 201700:00 | – | openvas |
OpenVAS | Jenkins 'CVE-2017-17383' XSS Vulnerability - Windows | 7 Dec 201700:00 | – | openvas |
CVE | CVE-2017-17383 | 6 Dec 201705:29 | – | cve |
CVE | CVE-2018-1000016 | 23 Jan 201814:29 | – | cve |
OSV | Cross-site Scripting in Jenkins Core | 14 May 202204:04 | – | osv |
OSV | CVE-2017-17383 | 6 Dec 201705:29 | – | osv |
Github Security Blog | Cross-site Scripting in Jenkins Core | 14 May 202204:04 | – | github |
Tenable Nessus | Jenkins JDK / Ant Tools Job Configuration Stored XSS Vulnerability (SECURITY-624) (deprecated) | 15 Dec 201700:00 | – | nessus |
NVD | CVE-2017-17383 | 6 Dec 201705:29 | – | nvd |
Source | Link |
---|---|
securityfocus | www.securityfocus.com/bid/102130 |
jenkins | www.jenkins.io/security/advisory/2017-12-05/ |
vsintelli | www.vsintelli.com/portal/blog/23-security-advisory-2017-12-04 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo