Lucene search
GoogleOSV:GHSA-HV45-5J9H-7FHGHistoryMay 14, 2022 - 1:04 a.m.
Cross-site Scripting in Jenkins
2022-05-1401:04:36
Google
osv.dev
5
0.001 Low
EPSS
Percentile
32.3%
A cross-site scripting vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/Api.java that allows attackers to specify URLs to Jenkins that result in rendering arbitrary attacker-controlled HTML by Jenkins.
Related
redhatcve
redhatcve
CVE-2018-1000407
2019-01-14 02:20:07
cvelist
cvelist
CVE-2018-1000407
2019-01-09 23:00:00
cve
cve
CVE-2018-1000407
2019-01-09 23:29:02
veracode
veracode
Cross-Site Scripting (XSS)Cross-Site Scripting (XSS)
2019-05-16 02:16:44
osv
osv
CVE-2018-1000407
2019-01-09 23:29:02
nvd
nvd
CVE-2018-1000407
2019-01-09 23:29:02
prion
prion
Cross site scripting
2019-01-09 23:29:00
github
github
Cross-site Scripting in Jenkins
2022-05-14 01:04:36
openvas
openvas
Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities - Windows
2018-12-11 00:00:00
Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities - Linux
2018-12-11 00:00:00
nessus
nessus
Jenkins < 2.138.2 (LTS) / 2.146 Multiple Vulnerabilities
2018-10-16 00:00:00