Lucene search
GoogleOSV:GHSA-CQP7-HWM3-CFG7HistoryMay 13, 2022 - 1:31 a.m.
XSS vulnerability in Jenkins Warnings Next Generation Plugin
2022-05-1301:31:34
Google
osv.dev
7
cross-site scripting
jenkins
warnings next generation plugin
vulnerability
html
input control
security
critical issue
duplicate code scanner
A cross-site scripting vulnerability exists in Jenkins Warnings Next Generation Plugin 1.0.1 and earlier in src/main/java/io/jenkins/plugins/analysis/core/model/DetailsTableModel.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourceDetail.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourcePrinter.java, src/main/java/io/jenkins/plugins/analysis/core/util/Sanitizer.java, src/main/java/io/jenkins/plugins/analysis/warnings/DuplicateCodeScanner.java that allows attackers with the ability to control warnings parser input to have Jenkins render arbitrary HTML.
Related
prion
prion
Cross site scripting
2019-02-06 16:29:00
cve
cve
CVE-2019-1003023
2019-02-06 16:29:01
osv
osv
CVE-2019-1003023
2019-02-06 16:29:01
cvelist
cvelist
CVE-2019-1003023
2019-02-06 16:00:00
github
github
XSS vulnerability in Jenkins Warnings Next Generation Plugin
2022-05-13 01:31:34
nvd
nvd
CVE-2019-1003023
2019-02-06 16:29:01