AVG-543 log
| Package | jenkins |
| Status | Fixed |
| Severity | Medium |
| Type | cross-site scripting |
| Affected | 2.93-1 |
| Fixed | 2.94-1 |
| Current | 2.454-1 [extra] |
| Ticket | None |
| Created | Thu Dec 7 18:10:57 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-17383 | Medium | Yes | Cross-site scripting | Jenkins through 2.93 allows remote authenticated administrators to conduct XSS attacks via a crafted tool name in a job configuration form, as demonstrated... |
| Notes |
|---|
https://jenkins.io/security/advisory/2018-01-22/#xss-vulnerability-in-job-configuration-forms-in-ant-plugin |