CVE-2019-10383 log
Source |
|
Severity | Low |
Remote | Yes |
Type | Cross-site scripting |
Description | Jenkins did not properly escape the update site URL in some status messages shown in the update center, resulting in a stored cross-site scripting vulnerability that is exploitable by administrators and affects other administrators. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1030 | jenkins | 2.189-1 | 2.192-1 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
30 Aug 2019 | ASA-201908-22 | AVG-1030 | jenkins | Medium | multiple issues |
References |
---|
https://jenkins.io/security/advisory/2019-08-28/ |