Lucene search
JenkinsCVELIST:CVE-2021-21649HistoryMay 11, 2021 - 2:15 p.m.
CVE-2021-21649
2021-05-1114:15:21
jenkins
www.cve.org
0.001 Low
EPSS
Percentile
22.2%
Jenkins Dashboard View Plugin 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Configure permission.
CNA Affected
[
{
"product": "Jenkins Dashboard View Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "2.15",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.12.1"
}
]
}
]Related
cve
cve
CVE-2021-21649
2021-05-11 15:15:07
github
github
Cross-site Scripting in Jenkins Dashboard View Plugin
2021-06-16 17:24:41
osv
osv
Cross-site Scripting in Jenkins Dashboard View Plugin
2021-06-16 17:24:41
CVE-2021-21649
2021-05-11 15:15:07
prion
prion
Cross site scripting
2021-05-11 15:15:00
nvd
nvd
CVE-2021-21649
2021-05-11 15:15:07
checkpoint_advisories
checkpoint_advisories
Jenkins Dashboard View Plugin Cross-Site Scripting (CVE-2021-21649)
2022-11-24 00:00:00
