4 matches found
GHSA-H6QC-455M-7V6V Stored XSS vulnerability in single axis builds tooltips in Jenkins Matrix Project Plugin
Matrix Project Plugin 1.16 and earlier does not escape node names shown in tooltips on the overview page of builds with a single axis. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Agent/Configure permission. Matrix Project Plugin 1.17 escapes the node...
jenkins-2-plugins/matrix-project: Stored XSS vulnerability in single axis builds tooltips
A flaw was found in the Matrix Project Plugin version 1.16 and prior. Node names shown in tooltips are not escaped on the overview page of builds with a single axis which could lead to a stored cross-site scripting XSS vulnerability. The user must have the Agent/Configure permission for this...
jenkins-2-plugins/matrix-project: Stored XSS vulnerability in single axis builds tooltips
A flaw was found in the Matrix Project Plugin version 1.16 and prior. Node names shown in tooltips are not escaped on the overview page of builds with a single axis which could lead to a stored cross-site scripting XSS vulnerability. The user must have the Agent/Configure permission for this...
jenkins-2-plugins/matrix-project: Stored XSS vulnerability in single axis builds tooltips
A flaw was found in the Matrix Project Plugin version 1.16 and prior. Node names shown in tooltips are not escaped on the overview page of builds with a single axis which could lead to a stored cross-site scripting XSS vulnerability. The user must have the Agent/Configure permission for this...