vulnerability
Jenkins Advisory 2018-10-10:
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | Jan 21, 2019 | Jan 21, 2019 | Feb 19, 2025 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
Jan 21, 2019
Added
Jan 21, 2019
Modified
Feb 19, 2025
Description
The wrapper query parameter for the XML variant of the Jenkins remote API did not validate the specified tag name. This resulted in a reflected cross-site scripting vulnerability.
Solutions
jenkins-lts-upgrade-2_138_2jenkins-upgrade-2_146
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.