CVE-2019-10346

2019-07-1114:15:10

Google

osv.dev

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.7%

JSON

A reflected cross site scripting vulnerability in Jenkins Embeddable Build Status Plugin 2.0.1 and earlier allowed attackers inject arbitrary HTML and JavaScript into the response of this plugin.

CPENameOperatorVersion
embeddable-build-status-plugineqembeddable-build-status-1.9
embeddable-build-status-plugineqembeddable-build-status-1.4
embeddable-build-status-plugineqembeddable-build-status-1.7
embeddable-build-status-plugineqembeddable-build-status-1.1
embeddable-build-status-plugineqembeddable-build-status-2.0-beta1
embeddable-build-status-plugineqembeddable-build-status-2.0-beta2
embeddable-build-status-plugineqembeddable-build-status-1.2
embeddable-build-status-plugineqembeddable-build-status-1.6
embeddable-build-status-plugineqembeddable-build-status-1.5
embeddable-build-status-plugineqembeddable-build-status-1.0

Name	Operator	Version
embeddable-build-status-plugin	eq	embeddable-build-status-1.9
embeddable-build-status-plugin	eq	embeddable-build-status-1.4
embeddable-build-status-plugin	eq	embeddable-build-status-1.7
embeddable-build-status-plugin	eq	embeddable-build-status-1.1
embeddable-build-status-plugin	eq	embeddable-build-status-2.0-beta1
embeddable-build-status-plugin	eq	embeddable-build-status-2.0-beta2
embeddable-build-status-plugin	eq	embeddable-build-status-1.2
embeddable-build-status-plugin	eq	embeddable-build-status-1.6
embeddable-build-status-plugin	eq	embeddable-build-status-1.5
embeddable-build-status-plugin	eq	embeddable-build-status-1.0