CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Sonargraph Integration >> 3.0.1 Security Vulnerabilities

CVE-2023-35145

Jenkins Sonargraph Integration Plugin 5.0.1 and earlier does not escape the file path and the project name for the Log file field form validation, resulting in a stored cross-site scripting vulnerability exploitable by attackers with Item/Configure permission.

CVSS Score

5.4

EPSS Score

0.004

Published

2023-06-14

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Sonargraph Integration >> 3.0.1 Security Vulnerabilities

Products

Pricing

Contact Us