5 matches found
CVE-2024-28160
Jenkins iceScrum Plugin 1.1.6 and earlier does not sanitize iceScrum project URLs on build views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs...
CVE-2024-28160
creationtimestamp| type| source ---|---|--- 2024-03-06 18:27:00+00:00| seen| https://t.me/ctinow/201631...
CVE-2024-28160
Jenkins iceScrum Plugin 1.1.6 and earlier does not sanitize iceScrum project URLs on build views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs...
CVE-2024-28160
Jenkins iceScrum Plugin 1.1.6 and earlier does not sanitize iceScrum project URLs on build views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs...
CVE-2024-28160
CVE-2024-28160 affects the Jenkins iceScrum Plugin (versions 1.1.6 and earlier). The vulnerability arises because the plugin does not sanitize iceScrum project URLs on build views, leading to a stored cross-site scripting (XSS) vulnerability. This can be exploited by attackers who have the abilit...