github.com/woodpecker-ci/woodpecker is vulnerable to cross-site scripting. The vulnerability exists in BuildLog.vue
due to lack of escaping in build logs which allows an attacker to inject and execute arbitrary javascript.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/woodpecker-ci/woodpecker | le | v0.15.0 | |
github.com/woodpecker-ci/woodpecker | le | v0.15.0 |