Jenkins Pipeline: Build Step Plugin... CVE-2023-25762

- AV AC AU C I A
发布: 2023-02-15
修订: 2023-11-03

Jenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control job names.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息