Lucene search
GoogleOSV:GHSA-6456-XJM5-G3PGHistoryMay 13, 2022 - 1:01 a.m.
Cross-site scripting vulnerability exists in Jenkins and Stapler Plugin
2022-05-1301:01:02
Google
osv.dev
17
jenkins
stapler plugin
cross-site scripting
vulnerability
http 404
debug mode
A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework’s org/kohsuke/stapler/Stapler.java that allows attackers with the ability to control the existence of some URLs in Jenkins to define JavaScript that would be executed in another user’s browser when that other user views HTTP 404 error pages while Stapler debug mode is enabled.
Related
redhatcve
redhatcve
CVE-2018-1999007
2018-07-30 03:49:14
github
github
Cross-site scripting vulnerability exists in Jenkins and Stapler Plugin
2022-05-13 01:01:02
cvelist
cvelist
CVE-2018-1999007
2018-07-23 19:00:00
prion
prion
Cross site scripting
2018-07-23 19:29:00
nvd
nvd
CVE-2018-1999007
2018-07-23 19:29:00
cve
cve
CVE-2018-1999007
2018-07-23 19:29:00
osv
osv
CVE-2018-1999007
2018-07-23 19:29:00
archlinux
archlinux
[ASA-201807-14] jenkins: multiple issues
2018-07-21 00:00:00
freebsd
freebsd
jenkins -- multiple vulnerabilities
2018-07-18 00:00:00
openvas
openvas
Jenkins < 2.133 and < 2.121.2 LTS Multiple Vulnerabilities - Linux
2018-07-24 00:00:00
Jenkins < 2.133 and < 2.121.2 LTS Multiple Vulnerabilities - Windows
2018-07-24 00:00:00
nessus
nessus
FreeBSD : jenkins -- multiple vulnerabilities (20a1881e-8a9e-11e8-bddf-d017c2ca229d)
2018-07-20 00:00:00
Jenkins < 2.121.2 / 2.133 Multiple Vulnerabilities
2018-08-09 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00