CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Pipeline Aggregator View Security Vulnerabilities

CVE-2023-28670

Jenkins Pipeline Aggregator View Plugin 1.13 and earlier does not escape a variable representing the current view's URL in inline JavaScript, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by authenticated attackers with Overall/Read permission.

CVSS Score

5.4

EPSS Score

0.007

Published

2023-04-02

CVE-2019-16564

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names.

CVSS Score

5.4

EPSS Score

0.002

Published

2019-12-17

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Pipeline Aggregator View Security Vulnerabilities

Products

Pricing

Contact Us