A stored cross-site scripting vulnerability in Jenkins 2.191 and previous versions, LTS 2.176.2 and previous versions allowed attackers with Overall/Administer permission to configure the update site URL to inject arbitrary HTML and JavaScript in update center web pages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins jenkins |
||
oracle communications cloud native core automated test suite 1.9.0 |
||
redhat openshift container platform 3.11 |
||
redhat openshift container platform 4.1 |