3 matches found
Jenkins Config File Provider Plugin XSS vulnerability
An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete t...
CVE-2019-1003014
An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete t...
PT-2019-11312 Β· Jenkins Β· Jenkins Config File Provider PluginΒ +1
Name of the Vulnerable Software and Affected Versions: Jenkins Config File Provider Plugin versions 3.4.1 and earlier Description: A cross-site scripting issue exists that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to...