2 matches found
CVE-2018-1000415
A cross-site scripting vulnerability exists in Jenkins Rebuilder Plugin 1.28 and earlier in RebuildAction/BooleanParameterValue.jelly, RebuildAction/ExtendedChoiceParameterValue.jelly, RebuildAction/FileParameterValue.jelly, RebuildAction/LabelParameterValue.jelly,...
CVE-2018-1000415
CVE-2018-1000415 describes a cross-site scripting vulnerability in the Jenkins Rebuilder Plugin (versions ≤ 1.28) affecting multiple RebuildAction jelly parameter files. The flaw allows users with Job/Configuration permission to inject arbitrary HTML into rebuild forms, enabling partial confident...