Jenkins 2.423 and earlier, LTS... CVE-2023-43495

- AV AC AU C I A
发布: 2023-09-20
修订: 2023-09-23

Jenkins 2.423 and earlier, LTS 2.414.1 and earlier does not escape the value of the 'caption' constructor parameter of 'ExpandableDetailsNote', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control this parameter.

0%
暂无可用Exp或PoC
当前有2条受影响产品信息