CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16564

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2019-16564

Jenkins » Pipeline Aggregator View » Version: 1.0

cpe:2.3:a:jenkins:pipeline_aggregator_view:1.0
Jenkins » Pipeline Aggregator View » Version: 1.1

cpe:2.3:a:jenkins:pipeline_aggregator_view:1.1
Jenkins » Pipeline Aggregator View » Version: 1.2

cpe:2.3:a:jenkins:pipeline_aggregator_view:1.2
Jenkins » Pipeline Aggregator View » Version: 1.3

cpe:2.3:a:jenkins:pipeline_aggregator_view:1.3
Jenkins » Pipeline Aggregator View » Version: 1.4

cpe:2.3:a:jenkins:pipeline_aggregator_view:1.4
Jenkins » Pipeline Aggregator View » Version: 1.5

cpe:2.3:a:jenkins:pipeline_aggregator_view:1.5
Jenkins » Pipeline Aggregator View » Version: 1.6

cpe:2.3:a:jenkins:pipeline_aggregator_view:1.6
Jenkins » Pipeline Aggregator View » Version: 1.7

cpe:2.3:a:jenkins:pipeline_aggregator_view:1.7
Jenkins » Pipeline Aggregator View » Version: 1.8

cpe:2.3:a:jenkins:pipeline_aggregator_view:1.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16564

Products

Pricing

Contact Us