3 matches found
CVE-2017-1000386
Jenkins Active Choices plugin version 1.5.3 and earlier allowed users with Job/Configure permission to provide arbitrary HTML to be shown on the 'Build With Parameters' page through the 'Active Choices Reactive Reference Parameter' type. This could include, for example, arbitrary JavaScript. Acti...
CVE-2017-1000386
The CVE-2017-1000386 entry relates to the Jenkins Active Choices plugin (versions 1.5.3 and earlier). The vulnerability arises because a user with Job/Configure permission could provide arbitrary HTML in the Active Choices Reactive Reference Parameter, which could render on the Build With Paramet...
CVE-2017-1000386
Jenkins Active Choices plugin version 1.5.3 and earlier allowed users with Job/Configure permission to provide arbitrary HTML to be shown on the 'Build With Parameters' page through the 'Active Choices Reactive Reference Parameter' type. This could include, for example, arbitrary JavaScript. Acti...