3.5
CVSSv2

CVE-2021-21603

Published: 13/01/2021 Updated: 02/11/2023
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

Jenkins 2.274 and previous versions, LTS 2.263.1 and previous versions does not escape notification bar response contents, resulting in a cross-site scripting (XSS) vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

jenkins jenkins

Vendor Advisories

Synopsis Important: OpenShift Container Platform 4617 security and packages update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4617 is now available withupdates to packages and images that fix several bugsThis release includes a security update for Red ...
Jenkins 2274 and earlier, LTS 22631 and earlier does not escape notification bar response contents (typically shown after form submissions via Apply button) This results in a cross-site scripting (XSS) vulnerability exploitable by attackers able to influence notification bar contents Jenkins 2275, LTS 22632 escapes the content shown in noti ...