CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Update-Center2 >> 3.13 Security Vulnerabilities

CVE-2023-27905

Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a plugin for hosting.

CVSS Score

9.6

EPSS Score

0.01

Published

2023-03-10

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Update-Center2 >> 3.13 Security Vulnerabilities

Products

Pricing

Contact Us