Jenkins Build Failure Analyzer... CVE-2023-43499

- AV AC AU C I A
发布: 2023-09-20
修订: 2023-09-22

Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or update Failure Causes.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息