Cross-site Scripting (XSS)

2020-06-1903:53:37

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

22.3%

JSON

jenkins-subversion-plugin is vulnerable to cross-site scripting (XSS). The vulnerability exists as it does not escape the error message for the Project Repository Base URL field form validation.

CPENameOperatorVersion
jenkins-2-pluginseq3.11.1597310986__1.el7
jenkins-2-pluginseq4.4.1583444859__1.el7
jenkins-2-pluginseq3.11.1535566135__1.el7
jenkins-2-pluginseq3.11.1560870549__1.el7
jenkins-2-pluginseq3.10.1525788236__1.el7
jenkins-2-pluginseq4.2.1574873592__1.el7
jenkins-2-pluginseq3.11.1539805268__1.el7
jenkins-2-pluginseq3.9.1519779801__1.el7
jenkins-2-pluginseq4.3.1583445947__1.el7
jenkins-2-pluginseq3.11.1579107288__1.el7

Name	Operator	Version
jenkins-2-plugins	eq	3.11.1597310986__1.el7
jenkins-2-plugins	eq	4.4.1583444859__1.el7
jenkins-2-plugins	eq	3.11.1535566135__1.el7
jenkins-2-plugins	eq	3.11.1560870549__1.el7
jenkins-2-plugins	eq	3.10.1525788236__1.el7
jenkins-2-plugins	eq	4.2.1574873592__1.el7
jenkins-2-plugins	eq	3.11.1539805268__1.el7
jenkins-2-plugins	eq	3.9.1519779801__1.el7
jenkins-2-plugins	eq	4.3.1583445947__1.el7
jenkins-2-plugins	eq	3.11.1579107288__1.el7