Lucene search
GoogleOSV:GHSA-WQJJ-C9CX-Q7CFHistoryMay 13, 2022 - 1:25 a.m.
Jenkins Lockable Resources Plugin XSS vulnerability
2022-05-1301:25:43
Google
osv.dev
7
jenkins
lockable resources plugin
cross site scripting
arbitrary javascript
web pages
security vulnerability
A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin.
References
www.openwall.com/lists/oss-security/2019/03/28/2
www.securityfocus.com/bid/107628
access.redhat.com/errata/RHSA-2019:1423
github.com/jenkinsci/lockable-resources-plugin
github.com/jenkinsci/lockable-resources-plugin/commit/4f401e250eb9e865e951b069255fea7052423739
jenkins.io/security/advisory/2019-03-25/#SECURITY-1361
nvd.nist.gov/vuln/detail/CVE-2019-1003042
Related
veracode
veracode
Cross-site Scripting (XSS)
2019-06-17 00:21:16
nvd
nvd
CVE-2019-1003042
2019-03-28 18:29:00
osv
osv
CVE-2019-1003042
2019-03-28 18:29:00
prion
prion
Cross site scripting
2019-03-28 18:29:00
cvelist
cvelist
CVE-2019-1003042
2019-03-28 17:59:29
redhatcve
redhatcve
CVE-2019-1003042
2019-10-08 11:12:50
github
github
Jenkins Lockable Resources Plugin XSS vulnerability
2022-05-13 01:25:43
cve
cve
CVE-2019-1003042
2019-03-28 18:29:00
redhat
redhat
nessus
nessus