Lucene search
GoogleOSV:GHSA-Q829-HRMC-84C8HistoryMay 24, 2022 - 4:57 p.m.
Jenkins HTML Publisher Plugin vulnerable to Cross-site Scripting
2022-05-2416:57:28
Google
osv.dev
11
jenkins
html publisher
cross-site scripting
vulnerability
patched
version 1.21
EPSS
0.001
Percentile
40.6%
Jenkins HTML Publisher Plugin prior to version 1.21 did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those. This issue has been patched in version 1.21
References
www.openwall.com/lists/oss-security/2019/10/01/2
access.redhat.com/errata/RHSA-2019:4055
access.redhat.com/errata/RHSA-2019:4089
access.redhat.com/errata/RHSA-2019:4097
github.com/jenkinsci/htmlpublisher-plugin
github.com/jenkinsci/htmlpublisher-plugin/commit/637aad0308f8cdfb24610041fcfe815d5a1a096b
github.com/jenkinsci/htmlpublisher-plugin/releases/tag/htmlpublisher-1.21
jenkins.io/security/advisory/2019-10-01/#SECURITY-1590
nvd.nist.gov/vuln/detail/CVE-2019-10432
Related
nvd
nvd
CVE-2019-10432
2019-10-01 14:15:23
github
github
Jenkins HTML Publisher Plugin vulnerable to Cross-site Scripting
2022-05-24 16:57:28
cve
cve
CVE-2019-10432
2019-10-01 14:15:23
redhatcve
redhatcve
CVE-2019-10432
2019-10-23 00:02:35
cvelist
cvelist
CVE-2019-10432
2019-10-01 13:45:19
prion
prion
Cross site scripting
2019-10-01 14:15:00
osv
osv
CVE-2019-10432
2019-10-01 14:15:23
redhat
redhat
nessus
nessus