Vulnerability Details CVE-2018-1000413
A cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.1 and earlier in configfiles.jelly, providerlist.jelly that allows users with the ability to configure configuration files to insert arbitrary HTML into some pages in Jenkins.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.7%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2018-1000413
-
cpe:2.3:a:jenkins:config_file_provider:1.0
-
cpe:2.3:a:jenkins:config_file_provider:1.1
-
cpe:2.3:a:jenkins:config_file_provider:1.2
-
cpe:2.3:a:jenkins:config_file_provider:1.4
-
cpe:2.3:a:jenkins:config_file_provider:1.5
-
cpe:2.3:a:jenkins:config_file_provider:1.6
-
cpe:2.3:a:jenkins:config_file_provider:1.6.1
-
cpe:2.3:a:jenkins:config_file_provider:1.9.1
-
cpe:2.3:a:jenkins:config_file_provider:2.0
-
cpe:2.3:a:jenkins:config_file_provider:2.1
-
cpe:2.3:a:jenkins:config_file_provider:2.1.1
-
cpe:2.3:a:jenkins:config_file_provider:2.10.0
-
cpe:2.3:a:jenkins:config_file_provider:2.10.1
-
cpe:2.3:a:jenkins:config_file_provider:2.11
-
cpe:2.3:a:jenkins:config_file_provider:2.12
-
cpe:2.3:a:jenkins:config_file_provider:2.13
-
cpe:2.3:a:jenkins:config_file_provider:2.14
-
cpe:2.3:a:jenkins:config_file_provider:2.14.1
-
cpe:2.3:a:jenkins:config_file_provider:2.14.2
-
cpe:2.3:a:jenkins:config_file_provider:2.15
-
cpe:2.3:a:jenkins:config_file_provider:2.15.1
-
cpe:2.3:a:jenkins:config_file_provider:2.15.2
-
cpe:2.3:a:jenkins:config_file_provider:2.15.3
-
cpe:2.3:a:jenkins:config_file_provider:2.15.4
-
cpe:2.3:a:jenkins:config_file_provider:2.15.5
-
cpe:2.3:a:jenkins:config_file_provider:2.15.6
-
cpe:2.3:a:jenkins:config_file_provider:2.15.7
-
cpe:2.3:a:jenkins:config_file_provider:2.16.0
-
cpe:2.3:a:jenkins:config_file_provider:2.16.1
-
cpe:2.3:a:jenkins:config_file_provider:2.16.2
-
cpe:2.3:a:jenkins:config_file_provider:2.16.3
-
cpe:2.3:a:jenkins:config_file_provider:2.16.4
-
cpe:2.3:a:jenkins:config_file_provider:2.17
-
cpe:2.3:a:jenkins:config_file_provider:2.18
-
cpe:2.3:a:jenkins:config_file_provider:2.2.1
-
cpe:2.3:a:jenkins:config_file_provider:2.3
-
cpe:2.3:a:jenkins:config_file_provider:2.4
-
cpe:2.3:a:jenkins:config_file_provider:2.5
-
cpe:2.3:a:jenkins:config_file_provider:2.5.1
-
cpe:2.3:a:jenkins:config_file_provider:2.6
-
cpe:2.3:a:jenkins:config_file_provider:2.6.1
-
cpe:2.3:a:jenkins:config_file_provider:2.6.2
-
cpe:2.3:a:jenkins:config_file_provider:2.7
-
cpe:2.3:a:jenkins:config_file_provider:2.7.1
-
cpe:2.3:a:jenkins:config_file_provider:2.7.2
-
cpe:2.3:a:jenkins:config_file_provider:2.7.3
-
cpe:2.3:a:jenkins:config_file_provider:2.7.4
-
cpe:2.3:a:jenkins:config_file_provider:2.7.5
-
cpe:2.3:a:jenkins:config_file_provider:2.8.1
-
cpe:2.3:a:jenkins:config_file_provider:2.9.1
-
cpe:2.3:a:jenkins:config_file_provider:2.9.2
-
cpe:2.3:a:jenkins:config_file_provider:2.9.3
-
cpe:2.3:a:jenkins:config_file_provider:3.0
-
cpe:2.3:a:jenkins:config_file_provider:3.1