VULHUB ™

Jenkins Blue Ocean Plugins 1.10.1及之前版本中的多个文件存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的HTML。（多个文件包括：blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java、 blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java、 blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java、 blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java和 blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly）

Jenkins Blue Ocean Plugins 1.10.1及之前版本中的多个文件存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的HTML。（多个文件包括：blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java、 blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java、 blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java、 blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java和 blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly）