3 matches found
CVE-2023-40346
Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...
CVE-2023-40346
Jenkins Shortcut Job Plugin 0.4 and earlier has a stored XSS vulnerability due to not escaping the shortcut redirection URL, exploitable by attackers who can configure shortcut jobs. The advisory notes that Shortcut Job Plugin 0.5 escapes the shortcut redirection URL, mitigating the issue. Affect...
CVE-2023-40346
Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...