Lucene search
JenkinsCVELIST:CVE-2019-1003023HistoryOct 03, 2022 - 4:19 p.m.
CVE-2019-1003023
2022-10-0316:19:42
jenkins
www.cve.org
0.001 Low
EPSS
Percentile
31.5%
A cross-site scripting vulnerability exists in Jenkins Warnings Next Generation Plugin 1.0.1 and earlier in src/main/java/io/jenkins/plugins/analysis/core/model/DetailsTableModel.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourceDetail.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourcePrinter.java, src/main/java/io/jenkins/plugins/analysis/core/util/Sanitizer.java, src/main/java/io/jenkins/plugins/analysis/warnings/DuplicateCodeScanner.java that allows attackers with the ability to control warnings parser input to have Jenkins render arbitrary HTML.
CNA Affected
[
{
"product": "Jenkins Warnings Next Generation Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.0.1 and earlier"
}
]
}
]Related
prion
prion
Cross site scripting
2019-02-06 16:29:00
osv
osv
XSS vulnerability in Jenkins Warnings Next Generation Plugin
2022-05-13 01:31:34
CVE-2019-1003023
2019-02-06 16:29:01
cve
cve
CVE-2019-1003023
2022-10-03 16:19:42
nvd
nvd
CVE-2019-1003023
2019-02-06 16:29:01
github
github
XSS vulnerability in Jenkins Warnings Next Generation Plugin
2022-05-13 01:31:34