Lucene search
GoogleOSV:GHSA-4WJ7-RH5H-5QMRHistoryMay 24, 2022 - 4:50 p.m.
Jenkins Dependency Graph Viewer Plugin contains Cross-site Scripting
2022-05-2416:50:04
Google
osv.dev
4
0.004 Low
EPSS
Percentile
73.9%
A stored cross site scripting vulnerability in Jenkins Dependency Graph Viewer Plugin 0.13 and earlier allowed attackers able to configure jobs in Jenkins to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins.
References
packetstormsecurity.com/files/153610/Jenkins-Dependency-Graph-View-0.13-Cross-Site-Scripting.html
www.openwall.com/lists/oss-security/2019/07/11/4
www.securityfocus.com/bid/109156
github.com/jenkinsci/depgraph-view-plugin
github.com/jenkinsci/depgraph-view-plugin/commit/288496fd2e6fe922da3b43067e73cfac07a910e8
jenkins.io/security/advisory/2019-07-11/#SECURITY-1177
nvd.nist.gov/vuln/detail/CVE-2019-10349
Related
nvd
nvd
CVE-2019-10349
2019-07-11 14:15:10
zdt
zdt
checkpoint_advisories
checkpoint_advisories
Jenkins Dependency Graph View Plugin Cross-Site Scripting (CVE-2019-10349)
2019-07-17 00:00:00
github
github
Jenkins Dependency Graph Viewer Plugin contains Cross-site Scripting
2022-05-24 16:50:04
exploitpack
exploitpack
Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting
2019-07-12 00:00:00
prion
prion
Cross site scripting
2019-07-11 14:15:00
cve
cve
CVE-2019-10349
2019-07-11 14:15:10
packetstorm
packetstorm
Jenkins Dependency Graph View 0.13 Cross Site Scripting
2019-07-12 00:00:00
osv
osv
CVE-2019-10349
2019-07-11 14:15:10
cvelist
cvelist
CVE-2019-10349
2019-07-11 13:55:17
exploitdb
exploitdb
Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting
2019-07-12 00:00:00