3 matches found
CVE-2023-28679
Jenkins Mashup Portlets Plugin 1.1.2 and earlier provides the "Generic JS Portlet" feature that lets a user populate a portlet using a custom JavaScript expression, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...
CVE-2023-28679
Summary: CVE-2023-28679 affects Jenkins Mashup Portlets Plugin (versions ≤ 1.1.2). The vulnerability is a stored cross-site scripting (XSS) flaw introduced by the Generic JS Portlet feature, which allows a user to populate a portlet with a custom JavaScript expression. The issue can be exploited ...
CVE-2023-28679
Jenkins Mashup Portlets Plugin 1.1.2 and earlier provides the "Generic JS Portlet" feature that lets a user populate a portlet using a custom JavaScript expression, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...