2 matches found
de.einsundeins.jenkins.plugins.failedjobdeactivator:failedJobDeactivator (>=1.2 <=1.2.1) potentially affected by CVE-2018-1000416 via org.jenkins-ci.plugins:jobConfigHistory (=2.12)
org.jenkins-ci.plugins:jobConfigHistory MAVEN version =2.12 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:jobConfigHistory and may be impacted: - de.einsundeins.jenkins.plugins.failedjobdeactivator:failedJobDeactivator =1.2,...
CVE-2018-1000416
A reflected cross-site scripting vulnerability exists in Jenkins Job Config History Plugin 2.18 and earlier in all Jelly files that shows arbitrary attacker-specified HTML in Jenkins to users with Job/Configure access...