Lucene search
Redhat.comRH:CVE-2019-1003050HistoryApr 09, 2020 - 10:33 a.m.
CVE-2019-1003050
2020-04-0910:33:43
redhat.com
access.redhat.com
7
0.001 Low
EPSS
Percentile
35.3%
The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.
Related
veracode
veracode
Cross-Site Scripting (XSS)
2019-07-08 00:06:45
prion
prion
Cross site scripting
2019-04-10 21:29:00
cve
cve
CVE-2019-1003050
2019-04-10 21:29:01
nvd
nvd
CVE-2019-1003050
2019-04-10 21:29:01
osv
osv
Improper Neutralization of Input During Web Page Generation in Jenkins
2022-05-13 01:01:01
CVE-2019-1003050
2019-04-10 21:29:01
cvelist
cvelist
CVE-2019-1003050
2019-04-10 20:12:30
github
github
Improper Neutralization of Input During Web Page Generation in Jenkins
2022-05-13 01:01:01
alpinelinux
alpinelinux
CVE-2019-1003050
2019-04-10 21:29:01
nessus
nessus
Jenkins < 2.164.2 LTS / 2.172 Multiple Vulnerabilities
2019-04-18 00:00:00
archlinux
archlinux
[ASA-201904-7] jenkins: multiple issues
2019-04-11 00:00:00
openvas
openvas
Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Linux
2019-04-17 00:00:00
Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Windows
2019-04-17 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00