Lucene search
GoogleOSV:CVE-2018-1000407HistoryJan 09, 2019 - 11:29 p.m.
CVE-2018-1000407
2019-01-0923:29:02
Google
osv.dev
5
A cross-site scripting vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/Api.java that allows attackers to specify URLs to Jenkins that result in rendering arbitrary attacker-controlled HTML by Jenkins.
Related
redhatcve
redhatcve
CVE-2018-1000407
2019-01-14 02:20:07
cvelist
cvelist
CVE-2018-1000407
2019-01-09 23:00:00
cve
cve
CVE-2018-1000407
2019-01-09 23:29:02
osv
osv
Cross-site Scripting in Jenkins
2022-05-14 01:04:36
veracode
veracode
Cross-Site Scripting (XSS)Cross-Site Scripting (XSS)
2019-05-16 02:16:44
prion
prion
Cross site scripting
2019-01-09 23:29:00
github
github
Cross-site Scripting in Jenkins
2022-05-14 01:04:36
nvd
nvd
CVE-2018-1000407
2019-01-09 23:29:02
openvas
openvas
Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities - Windows
2018-12-11 00:00:00
Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities - Linux
2018-12-11 00:00:00
nessus
nessus
Jenkins < 2.138.2 (LTS) / 2.146 Multiple Vulnerabilities
2018-10-16 00:00:00