CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Jenkins >> 2.150.3 Security Vulnerabilities

CVE-2019-1003050

The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.

CVSS Score

5.4

EPSS Score

0.011

Published

2019-04-10

Page 11

Vulnerabilities

Vulnerable Software

Jenkins: >> Jenkins >> 2.150.3 Security Vulnerabilities

Products

Pricing

Contact Us