Lucene search
Redhat.comRH:CVE-2024-28150HistoryMar 06, 2024 - 6:46 p.m.
CVE-2024-28150
2024-03-0618:46:50
redhat.com
access.redhat.com
11
jenkins
html publisher plugin
xss
stored vulnerability
A flaw was found in jenkins-2-plugins. The HTML Publisher Plugin 1.32 and earlier does not escape job names, report names, and index page titles shown as part of the report frame. This issue may result in a stored cross-site scripting (XSS) vulnerability that is exploitable by attackers with Item/Configure permissions.
Related
cve
cve
CVE-2024-28150
2024-03-06 17:15:10
prion
prion
Cross site scripting
2024-03-06 17:15:00
github
github
Jenkins HTML Publisher Plugin Stored XSS vulnerability
2024-03-06 18:30:38
osv
osv
Jenkins HTML Publisher Plugin Stored XSS vulnerability
2024-03-06 18:30:38
veracode
veracode
Cross-site Scripting (XSS)
2024-03-11 05:22:10
cvelist
cvelist
CVE-2024-28150
2024-03-06 17:01:53
nvd
nvd
CVE-2024-28150
2024-03-06 17:15:10
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-03-06)
2024-03-07 00:00:00