CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000415

A cross-site scripting vulnerability exists in Jenkins Rebuilder Plugin 1.28 and earlier in RebuildAction/BooleanParameterValue.jelly, RebuildAction/ExtendedChoiceParameterValue.jelly, RebuildAction/FileParameterValue.jelly, RebuildAction/LabelParameterValue.jelly, RebuildAction/ListSubversionTagsParameterValue.jelly, RebuildAction/MavenMetadataParameterValue.jelly, RebuildAction/NodeParameterValue.jelly, RebuildAction/PasswordParameterValue.jelly, RebuildAction/RandomStringParameterValue.jelly, RebuildAction/RunParameterValue.jelly, RebuildAction/StringParameterValue.jelly, RebuildAction/TextParameterValue.jelly, RebuildAction/ValidatingStringParameterValue.jelly that allows users with Job/Configuration permission to insert arbitrary HTML into rebuild forms.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.7%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2018-1000415

Rebuild Project » Rebuild » Version: 1.1

cpe:2.3:a:rebuild_project:rebuild:1.1
Rebuild Project » Rebuild » Version: 1.10

cpe:2.3:a:rebuild_project:rebuild:1.10
Rebuild Project » Rebuild » Version: 1.11

cpe:2.3:a:rebuild_project:rebuild:1.11
Rebuild Project » Rebuild » Version: 1.12

cpe:2.3:a:rebuild_project:rebuild:1.12
Rebuild Project » Rebuild » Version: 1.13

cpe:2.3:a:rebuild_project:rebuild:1.13
Rebuild Project » Rebuild » Version: 1.14

cpe:2.3:a:rebuild_project:rebuild:1.14
Rebuild Project » Rebuild » Version: 1.15

cpe:2.3:a:rebuild_project:rebuild:1.15
Rebuild Project » Rebuild » Version: 1.16

cpe:2.3:a:rebuild_project:rebuild:1.16
Rebuild Project » Rebuild » Version: 1.17

cpe:2.3:a:rebuild_project:rebuild:1.17
Rebuild Project » Rebuild » Version: 1.18

cpe:2.3:a:rebuild_project:rebuild:1.18
Rebuild Project » Rebuild » Version: 1.19

cpe:2.3:a:rebuild_project:rebuild:1.19
Rebuild Project » Rebuild » Version: 1.2

cpe:2.3:a:rebuild_project:rebuild:1.2
Rebuild Project » Rebuild » Version: 1.20

cpe:2.3:a:rebuild_project:rebuild:1.20
Rebuild Project » Rebuild » Version: 1.21

cpe:2.3:a:rebuild_project:rebuild:1.21
Rebuild Project » Rebuild » Version: 1.22

cpe:2.3:a:rebuild_project:rebuild:1.22
Rebuild Project » Rebuild » Version: 1.23

cpe:2.3:a:rebuild_project:rebuild:1.23
Rebuild Project » Rebuild » Version: 1.24

cpe:2.3:a:rebuild_project:rebuild:1.24
Rebuild Project » Rebuild » Version: 1.25

cpe:2.3:a:rebuild_project:rebuild:1.25
Rebuild Project » Rebuild » Version: 1.26

cpe:2.3:a:rebuild_project:rebuild:1.26
Rebuild Project » Rebuild » Version: 1.27

cpe:2.3:a:rebuild_project:rebuild:1.27
Rebuild Project » Rebuild » Version: 1.28

cpe:2.3:a:rebuild_project:rebuild:1.28
Rebuild Project » Rebuild » Version: 1.4

cpe:2.3:a:rebuild_project:rebuild:1.4
Rebuild Project » Rebuild » Version: 1.5

cpe:2.3:a:rebuild_project:rebuild:1.5
Rebuild Project » Rebuild » Version: 1.6

cpe:2.3:a:rebuild_project:rebuild:1.6
Rebuild Project » Rebuild » Version: 1.7

cpe:2.3:a:rebuild_project:rebuild:1.7
Rebuild Project » Rebuild » Version: 1.8

cpe:2.3:a:rebuild_project:rebuild:1.8
Rebuild Project » Rebuild » Version: 1.9

cpe:2.3:a:rebuild_project:rebuild:1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000415

Products

Pricing

Contact Us