Lucene search
JenkinsCVELIST:CVE-2019-1003050HistoryApr 10, 2019 - 8:12 p.m.
CVE-2019-1003050
2019-04-1020:12:30
jenkins
www.cve.org
The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.
CNA Affected
[
{
"product": "Jenkins",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "2.171 and earlier, LTS 2.164.1 and earlier"
}
]
}
]Related
veracode
veracode
Cross-Site Scripting (XSS)
2019-07-08 00:06:45
redhatcve
redhatcve
CVE-2019-1003050
2020-04-09 10:33:43
prion
prion
Cross site scripting
2019-04-10 21:29:00
cve
cve
CVE-2019-1003050
2019-04-10 21:29:01
nvd
nvd
CVE-2019-1003050
2019-04-10 21:29:01
osv
osv
Improper Neutralization of Input During Web Page Generation in Jenkins
2022-05-13 01:01:01
CVE-2019-1003050
2019-04-10 21:29:01
github
github
Improper Neutralization of Input During Web Page Generation in Jenkins
2022-05-13 01:01:01
alpinelinux
alpinelinux
CVE-2019-1003050
2019-04-10 21:29:01
nessus
nessus
Jenkins < 2.164.2 LTS / 2.172 Multiple Vulnerabilities
2019-04-18 00:00:00
archlinux
archlinux
[ASA-201904-7] jenkins: multiple issues
2019-04-11 00:00:00
openvas
openvas
Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Linux
2019-04-17 00:00:00
Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Windows
2019-04-17 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00