Lucene search
GoogleOSV:BIT-JENKINS-2023-43495HistoryMar 06, 2024 - 10:54 a.m.
BIT-jenkins-2023-43495
2024-03-0610:54:50
Google
osv.dev
12
jenkins
lts
stored xss
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
33.0%
Jenkins 2.423 and earlier, LTS 2.414.1 and earlier does not escape the value of the ‘caption’ constructor parameter of ‘ExpandableDetailsNote’, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control this parameter.
Related
osv
osv
Jenkins Cross-site Scripting vulnerability
2023-09-20 18:30:21
CVE-2023-43495
2023-09-20 17:15:11
cvelist
cvelist
CVE-2023-43495
2023-09-20 16:06:09
cve
cve
CVE-2023-43495
2023-09-20 17:15:11
nvd
nvd
CVE-2023-43495
2023-09-20 17:15:11
vulnrichment
vulnrichment
CVE-2023-43495
2023-09-20 16:06:09
alpinelinux
alpinelinux
CVE-2023-43495
2023-09-20 17:15:11
github
github
Jenkins Cross-site Scripting vulnerability
2023-09-20 18:30:21
redhatcve
redhatcve
CVE-2023-43495
2023-09-22 11:54:51
veracode
veracode
Cross-site Scripting
2023-09-25 07:18:08
prion
prion
Cross site scripting
2023-09-20 17:15:00
nessus
nessus
freebsd
freebsd
jenkins -- multiple vulnerabilities
2023-09-20 00:00:00
redos
redos
ROS-20240411-08
2024-04-11 00:00:00
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
33.0%
Related for OSV:BIT-JENKINS-2023-43495