Lucene search
Veracode Vulnerability DatabaseVERACODE:40711HistoryMay 28, 2023 - 2:43 p.m.
Cross-site Scripting (XSS)
2023-05-2814:43:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
workflow-job
cross-site scripting
xss
vulnerability
summary.jelly
javascript injection
0.001 Low
EPSS
Percentile
29.5%
workflow-job is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because the displayName attribute of the summary.jelly does not escape before being rendered, allowing an attacker to inject and execute malicious JavaScript.
Related
prion
prion
Cross site scripting
2023-05-16 16:15:00
osv
osv
Jenkins Pipeline: Job Plugin vulnerable to stored Cross-site Scripting
2023-05-16 18:30:16
cvelist
cvelist
CVE-2023-32977
2023-05-16 15:59:58
alpinelinux
alpinelinux
CVE-2023-32977
2023-05-16 16:15:10
cve
cve
CVE-2023-32977
2023-05-16 16:15:10
github
github
Jenkins Pipeline: Job Plugin vulnerable to stored Cross-site Scripting
2023-05-16 18:30:16
nvd
nvd
CVE-2023-32977
2023-05-16 16:15:10
redhatcve
redhatcve
CVE-2023-32977
2023-05-17 04:58:01
nessus
nessus
RHEL 8 : OpenShift Container Platform 4.10.62 (RHSA-2023:3625)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.10.62 (RHSA-2023:3625)
2024-01-24 00:00:00
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3610)
2024-04-28 00:00:00
redhat
redhat
(RHSA-2023:3610) Important: jenkins and jenkins-2-plugins security update
2023-06-15 00:10:54
(RHSA-2023:3663) Important: jenkins and jenkins-2-plugins security update
2023-06-19 10:09:14