AVG-543 log
Package | jenkins |
Status | Fixed |
Severity | Medium |
Type | cross-site scripting |
Affected | 2.93-1 |
Fixed | 2.94-1 |
Current | 2.485-1 [extra] |
Ticket | None |
Created | Thu Dec 7 18:10:57 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-17383 | Medium | Yes | Cross-site scripting | Jenkins through 2.93 allows remote authenticated administrators to conduct XSS attacks via a crafted tool name in a job configuration form, as demonstrated... |
Notes |
---|
https://jenkins.io/security/advisory/2018-01-22/#xss-vulnerability-in-job-configuration-forms-in-ant-plugin |