Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJenkinsCVELIST:CVE-2023-40346
HistoryAug 16, 2023 - 2:32 p.m.

CVE-2023-40346

2023-08-1614:32:55
jenkins
www.cve.org
cve-2023-40346
jenkins
shortcut job plugin
cross-site scripting
stored xss
security vulnerability
configuration

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.6%

JSON

Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure shortcut jobs.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Jenkins Shortcut Job Plugin",
    "vendor": "Jenkins Project",
    "versions": [
      {
        "lessThanOrEqual": "0.4",
        "status": "affected",
        "version": "0",
        "versionType": "maven"
      }
    ]
  }
]

Related

osv 1
github 1
prion 1
nvd 1
cve 1
nessus 1
osv
osv
Jenkins Shortcut Job Plugin stored cross-site scripting vulnerability
2023-08-16 15:30:18
github
github
Jenkins Shortcut Job Plugin stored cross-site scripting vulnerability
2023-08-16 15:30:18
prion
prion
Cross site scripting
2023-08-16 15:15:00
nvd
nvd
CVE-2023-40346
2023-08-16 15:15:12
cve
cve
CVE-2023-40346
2023-08-16 15:15:12
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2023-08-16)
2023-08-21 00:00:00

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.6%

JSON
Related for CVELIST:CVE-2023-40346
osv1github1prion1nvd1cve1nessus1