Lucene search
PRIOn knowledge basePRION:CVE-2019-1003050HistoryApr 10, 2019 - 9:29 p.m.
Cross site scripting
2019-04-1021:29:00
PRIOn knowledge base
www.prio-n.com
6
The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins | le | 2.164.1 | |
| jenkins | le | 2.171 | |
| communications_cloud_native_core_automated_test_suite | eq | 1.9.0 | |
| openshift_container_platform | eq | 3.11 |
Related
veracode
veracode
Cross-Site Scripting (XSS)
2019-07-08 00:06:45
redhatcve
redhatcve
CVE-2019-1003050
2020-04-09 10:33:43
cve
cve
CVE-2019-1003050
2019-04-10 21:29:01
nvd
nvd
CVE-2019-1003050
2019-04-10 21:29:01
osv
osv
Improper Neutralization of Input During Web Page Generation in Jenkins
2022-05-13 01:01:01
CVE-2019-1003050
2019-04-10 21:29:01
cvelist
cvelist
CVE-2019-1003050
2019-04-10 20:12:30
github
github
Improper Neutralization of Input During Web Page Generation in Jenkins
2022-05-13 01:01:01
alpinelinux
alpinelinux
CVE-2019-1003050
2019-04-10 21:29:01
nessus
nessus
Jenkins < 2.164.2 LTS / 2.172 Multiple Vulnerabilities
2019-04-18 00:00:00
openvas
openvas
Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Linux
2019-04-17 00:00:00
Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Windows
2019-04-17 00:00:00
archlinux
archlinux
[ASA-201904-7] jenkins: multiple issues
2019-04-11 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00