CVE-2019-10383 log

Severity Low
Remote Yes
Type Cross-site scripting
Jenkins did not properly escape the update site URL in some status messages shown in the update center, resulting in a stored cross-site scripting vulnerability that is exploitable by administrators and affects other administrators.
Group Package Affected Fixed Severity Status Ticket
AVG-1030 jenkins 2.189-1 2.192-1 Medium Fixed
Date Advisory Group Package Severity Type
30 Aug 2019 ASA-201908-22 AVG-1030 jenkins Medium multiple issues