2 matches found
CVE-2018-1000113
The CVE-2018-1000113 entry describes a cross-site scripting vulnerability in Jenkins TestLink Plugin (versions up to 2.12) affecting TestLinkBuildAction/summary.jelly and related components. The root cause is improper handling of user-controlled report names, enabling an attacker to cause Jenkins...
CVE-2018-1000113
A cross-site scripting vulnerability exists in Jenkins TestLink Plugin 2.12 and earlier in TestLinkBuildAction/summary.jelly and others that allow an attacker who can control e.g. TestLink report names to have Jenkins serve arbitrary HTML and JavaScript...