Vulnerability Details CVE-2023-32984
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a crafted TestNG report file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.3%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2023-32984
-
cpe:2.3:a:jenkins:testng_results:0.10
-
cpe:2.3:a:jenkins:testng_results:0.11
-
cpe:2.3:a:jenkins:testng_results:0.12
-
cpe:2.3:a:jenkins:testng_results:0.13
-
cpe:2.3:a:jenkins:testng_results:0.14
-
cpe:2.3:a:jenkins:testng_results:0.15
-
cpe:2.3:a:jenkins:testng_results:0.16
-
cpe:2.3:a:jenkins:testng_results:0.17
-
cpe:2.3:a:jenkins:testng_results:0.18
-
cpe:2.3:a:jenkins:testng_results:0.19
-
cpe:2.3:a:jenkins:testng_results:0.20
-
cpe:2.3:a:jenkins:testng_results:0.21
-
cpe:2.3:a:jenkins:testng_results:0.22
-
cpe:2.3:a:jenkins:testng_results:0.23
-
cpe:2.3:a:jenkins:testng_results:0.24
-
cpe:2.3:a:jenkins:testng_results:0.25
-
cpe:2.3:a:jenkins:testng_results:0.26
-
cpe:2.3:a:jenkins:testng_results:0.27
-
cpe:2.3:a:jenkins:testng_results:0.28
-
cpe:2.3:a:jenkins:testng_results:0.29
-
cpe:2.3:a:jenkins:testng_results:0.30
-
cpe:2.3:a:jenkins:testng_results:0.31
-
cpe:2.3:a:jenkins:testng_results:0.32
-
cpe:2.3:a:jenkins:testng_results:0.33
-
cpe:2.3:a:jenkins:testng_results:0.9
-
cpe:2.3:a:jenkins:testng_results:1.0
-
cpe:2.3:a:jenkins:testng_results:1.1
-
cpe:2.3:a:jenkins:testng_results:1.10
-
cpe:2.3:a:jenkins:testng_results:1.11
-
cpe:2.3:a:jenkins:testng_results:1.12
-
cpe:2.3:a:jenkins:testng_results:1.13
-
cpe:2.3:a:jenkins:testng_results:1.14
-
cpe:2.3:a:jenkins:testng_results:1.15
-
cpe:2.3:a:jenkins:testng_results:1.2
-
cpe:2.3:a:jenkins:testng_results:1.3
-
cpe:2.3:a:jenkins:testng_results:1.4
-
cpe:2.3:a:jenkins:testng_results:1.5
-
cpe:2.3:a:jenkins:testng_results:1.6
-
cpe:2.3:a:jenkins:testng_results:1.7
-
cpe:2.3:a:jenkins:testng_results:1.8
-
cpe:2.3:a:jenkins:testng_results:1.9
-
cpe:2.3:a:jenkins:testng_results:1.9.1
-
cpe:2.3:a:jenkins:testng_results:552.va20eb2369116
-
cpe:2.3:a:jenkins:testng_results:554.va4a552116332
-
cpe:2.3:a:jenkins:testng_results:555.va0d5f66521e3
-
cpe:2.3:a:jenkins:testng_results:700.va_ea_5873a_3399