2 matches found
CVE-2023-35145
A flaw was found in the Jenkins Sonargraph Integration Plugin, where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. This flaw allows a remote, authenticated attacker to inject malicious script into a Web page, which would be executed in a victim...
PT-2023-25164 · Jenkins · Jenkins Sonargraph Integration Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Sonargraph Integration Plugin versions 5.0.1 and earlier Description: The issue is related to a stored cross-site scripting vulnerability. It occurs because the file path and the project name for the Log file field form validation are...