Lucene search
PRIOn knowledge basePRION:CVE-2023-35145HistoryJun 14, 2023 - 1:15 p.m.
Cross site scripting
2023-06-1413:15:00
PRIOn knowledge base
www.prio-n.com
6
jenkins
sonargraph
integration
stored
cross-site scripting
vulnerability
attackers
item/configure permission
0.001 Low
EPSS
Percentile
40.5%
Jenkins Sonargraph Integration Plugin 5.0.1 and earlier does not escape the file path and the project name for the Log file field form validation, resulting in a stored cross-site scripting vulnerability exploitable by attackers with Item/Configure permission.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sonargraph_integration | le | 5.0.1 |
Related
nvd
nvd
CVE-2023-35145
2023-06-14 13:15:12
alpinelinux
alpinelinux
CVE-2023-35145
2023-06-14 13:15:12
cve
cve
CVE-2023-35145
2023-06-14 13:15:12
redhatcve
redhatcve
CVE-2023-35145
2023-06-26 11:17:37
github
github
osv
osv
CVE-2023-35145
2023-06-14 13:15:12
veracode
veracode
Cross-site Scripting (XSS)
2023-06-26 09:04:23
cvelist
cvelist
CVE-2023-35145
2023-06-14 12:53:08
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2023-06-14)
2023-06-16 00:00:00