RSS   Vulnerabilities for 'Config file provider'   RSS

2019-01-09
 
CVE-2018-1000413

CWE-79
 

 
A cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.1 and earlier in configfiles.jelly, providerlist.jelly that allows users with the ability to configure configuration files to insert arbitrary HTML into some pages in Jenkins.

 


Copyright 2024, cxsecurity.com

 

Back to Top