3 matches found
CVE-2017-1000109
CVE-2017-1000109 is confirmed in connected sources as a persisted XSS vulnerability in the Jenkins OWASP Dependency-Check Plugin, specifically in the custom Details view where input could inject arbitrary HTML. Multiple entries corroborate the issue and its association with the Dependency-Check J...
CVE-2017-1000109
The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view...
UPDATE: OWASP Dependency-Check 2.1.1!
PenTestIT RSS Feed My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 2.1.1! This release contains a few...