CVE-2023-35146 in Template Workflows Plugininfo

Zusammenfassung

von MITRE • 14.06.2023

Jenkins Template Workflows Plugin 41.v32d86a_313b_4a and earlier does not escape names of jobs used as buildings blocks for Template Workflow Job, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create jobs.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

14.06.2023

Veröffentlichung

14.06.2023

Moderieren

akzeptiert

Eintrag

VDB-231537

CPE

bereit

EPSS

0.00752

KEV

nein

Aktivitäten

very low

Quellen

Do you know our Splunk app?

Download it now for free!