3 matches found
CVE-2023-28670
Jenkins Pipeline Aggregator View Plugin 1.13 and earlier does not escape a variable representing the current view's URL in inline JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...
CVE-2023-28670
Jenkins Pipeline Aggregator View Plugin 1.13 and earlier does not escape a variable representing the current view's URL in inline JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...
CVE-2023-28670
The CVE-2023-28670 entry pertains to Jenkins Pipeline Aggregator View Plugin (versions 1.13 and earlier). The vulnerability is a stored XSS where a variable representing the current view URL is not escaped in inline JavaScript, enabling exploitation by authenticated attackers with Overall/Read pe...