Lucene search
JenkinsCVELIST:CVE-2021-21648HistoryMay 11, 2021 - 2:15 p.m.
CVE-2021-21648
2021-05-1114:15:20
jenkins
www.cve.org
7
jenkins
credentials
plugin
xss
vulnerability
user-controlled
information
reflected
cross-site scripting
cve-2021-21648
Jenkins Credentials Plugin 2.3.18 and earlier does not escape user-controlled information on a view it provides, resulting in a reflected cross-site scripting (XSS) vulnerability.
CNA Affected
[
{
"product": "Jenkins Credentials Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "2.3.18",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.3.0.1"
},
{
"status": "unaffected",
"version": "2.3.7.1"
},
{
"status": "unaffected",
"version": "2.3.14.1"
},
{
"status": "unaffected",
"version": "2.3.13.1"
},
{
"status": "unaffected",
"version": "2.3.15.1"
}
]
}
]Related
osv
osv
Cross-Site Request Forgery in Jenkins Credentials Plugin
2021-06-16 17:24:31
CVE-2021-21648
2021-05-11 15:15:07
redhatcve
redhatcve
CVE-2021-21648
2021-05-11 20:54:51
cve
cve
CVE-2021-21648
2021-05-11 15:15:07
prion
prion
Cross site scripting
2021-05-11 15:15:00
nvd
nvd
CVE-2021-21648
2021-05-11 15:15:07
github
github
Cross-Site Request Forgery in Jenkins Credentials Plugin
2021-06-16 17:24:31
checkpoint_advisories
checkpoint_advisories
Jenkins Credentials Plugin Cross-Site Scripting (CVE-2021-21648)
2021-05-31 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2021-08-13 18:03:50
nessus
nessus
redhat
redhat