Lucene search
JenkinsCVELIST:CVE-2023-32977HistoryMay 16, 2023 - 3:59 p.m.
CVE-2023-32977
2023-05-1615:59:58
jenkins
www.cve.org
2
jenkins
pipeline
stored xss
vulnerability
job plugin
cross-site scripting
Jenkins Pipeline: Job Plugin does not escape the display name of the build that caused an earlier build to be aborted, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set build display names immediately.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Jenkins Pipeline: Job Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1295.v395eb_7400005",
"versionType": "maven"
},
{
"lessThan": "1289.*",
"status": "unaffected",
"version": "1289.1291.vb_7c188e7e7df",
"versionType": "maven"
},
{
"lessThan": "1207.*",
"status": "unaffected",
"version": "1207.1209.v69351208a_5a_7",
"versionType": "maven"
}
]
}
]Related
prion
prion
Cross site scripting
2023-05-16 16:15:00
osv
osv
Jenkins Pipeline: Job Plugin vulnerable to stored Cross-site Scripting
2023-05-16 18:30:16
veracode
veracode
Cross-site Scripting (XSS)
2023-05-28 14:43:44
alpinelinux
alpinelinux
CVE-2023-32977
2023-05-16 16:15:10
cve
cve
CVE-2023-32977
2023-05-16 16:15:10
github
github
Jenkins Pipeline: Job Plugin vulnerable to stored Cross-site Scripting
2023-05-16 18:30:16
nvd
nvd
CVE-2023-32977
2023-05-16 16:15:10
redhatcve
redhatcve
CVE-2023-32977
2023-05-17 04:58:01
nessus
nessus
RHEL 8 : OpenShift Container Platform 4.10.62 (RHSA-2023:3625)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.10.62 (RHSA-2023:3625)
2024-01-24 00:00:00
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3610)
2024-04-28 00:00:00
redhat
redhat
(RHSA-2023:3610) Important: jenkins and jenkins-2-plugins security update
2023-06-15 00:10:54
(RHSA-2023:3663) Important: jenkins and jenkins-2-plugins security update
2023-06-19 10:09:14