Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.4 views

SUSE CVE-2017-17383

Jenkins through 2.93 allows remote authenticated administrators to conduct XSS attacks via a crafted tool name in a job configuration form, as demonstrated by the JDK tool in Jenkins core and the Ant tool in the Ant plugin, aka SECURITY-624...

4.7CVSS4.4AI score0.01152EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/14 4:4 a.m.5 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +2013 more potentially affected by CVE-2017-17383 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.9)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.1, =0.1.0, =1.0, =0.9, =0.45 and more Source cves: CVE-2017-17383 Source advisory: OSV:GHSA-X3RC-CXV7-6XP6...

4.7CVSS5.7AI score0.01152EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/12/07 12:0 a.m.35 views

Jenkins 'CVE-2017-17383' XSS Vulnerability - Linux

Jenkins is prone to an XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.113063...

4.7CVSS4.6AI score0.01152EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/12/07 12:0 a.m.28 views

Jenkins 'CVE-2017-17383' XSS Vulnerability - Windows

Jenkins is prone to an XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.113064...

4.7CVSS4.6AI score0.01152EPSS
Exploits0References1
CVE
CVE
added 2017/12/06 5:0 a.m.90 views

CVE-2017-17383

CVE-2017-17383 affects Jenkins up to version 2.93, enabling remote authenticated administrators to perform cross-site scripting by crafting a tool name in a job configuration form (e.g., the JDK tool in core and the Ant tool in the Ant plugin; SECURITY-624). The vulnerability originates from how ...

4.7CVSS4.1AI score0.01152EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder