CVE-2019-1003042
N/A
N/A
Summary
A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Jenkins project | Jenkins Lockable Resources Plugin | 2.4 and earlier | affected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- http://www.openwall.com/lists/oss-security/2019/03/28/2
- http://www.securityfocus.com/bid/107628
- https://access.redhat.com/errata/RHSA-2019:1423
- https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1361
References
- http://www.openwall.com/lists/oss-security/2019/03/28/2
- http://www.securityfocus.com/bid/107628
- https://access.redhat.com/errata/RHSA-2019:1423
- https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1361
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.