65 matches found
Cross site scripting
The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view...
CVE-2017-1000109
CVE-2017-1000109 is confirmed in connected sources as a persisted XSS vulnerability in the Jenkins OWASP Dependency-Check Plugin, specifically in the custom Details view where input could inject arbitrary HTML. Multiple entries corroborate the issue and its association with the Dependency-Check J...
UPDATE: OWASP Dependency-Check 2.1.1!
PenTestIT RSS Feed My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 2.1.1! This release contains a few...
Jenkins OWASP Dependency-Check plugin HTML injection vulnerability
CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools , it is mainly used to monitor the continuous software version release/testing projects and some timed tasks . OWASP Dependency-Check Plugin is one of the dependency check plugin . Dependency-Check...
UPDATE: OWASP Dependency-Check 2.1.0!
PenTestIT RSS Feed My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 2.1.0! What I like about this release...