Lucene search
Redhat.comRH:CVE-2018-1000407HistoryJan 14, 2019 - 2:20 a.m.
CVE-2018-1000407
2019-01-1402:20:07
redhat.com
access.redhat.com
4
0.001 Low
EPSS
Percentile
32.3%
A cross-site scripting vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/Api.java that allows attackers to specify URLs to Jenkins that result in rendering arbitrary attacker-controlled HTML by Jenkins.
Related
cvelist
cvelist
CVE-2018-1000407
2019-01-09 23:00:00
cve
cve
CVE-2018-1000407
2019-01-09 23:29:02
osv
osv
Cross-site Scripting in Jenkins
2022-05-14 01:04:36
CVE-2018-1000407
2019-01-09 23:29:02
veracode
veracode
Cross-Site Scripting (XSS)Cross-Site Scripting (XSS)
2019-05-16 02:16:44
prion
prion
Cross site scripting
2019-01-09 23:29:00
github
github
Cross-site Scripting in Jenkins
2022-05-14 01:04:36
nvd
nvd
CVE-2018-1000407
2019-01-09 23:29:02
openvas
openvas
Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities - Linux
2018-12-11 00:00:00
Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities - Windows
2018-12-11 00:00:00
nessus
nessus
Jenkins < 2.138.2 (LTS) / 2.146 Multiple Vulnerabilities
2018-10-16 00:00:00