Lucene search

K
osvGoogleOSV:GHSA-X3PR-FCGM-WJGC
HistoryMay 24, 2022 - 5:08 p.m.

Subversion Plugin stored XSS vulnerability

2022-05-2417:08:46
Google
osv.dev
12

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.0%

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability. Subversion Plugin 2.13.1 escapes the affected part of the error message.

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.0%