Vulnerability Database
289,697
Total vulnerabilities in the database
CVE-2019-10383
A stored cross-site scripting vulnerability in Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed attackers with Overall/Administer permission to configure the update site URL to inject arbitrary HTML and JavaScript in update center web pages.
| Software | From | Fixed in |
|---|---|---|
| jenkins / jenkins | - | 2.176.2.x |
| jenkins / jenkins | - | 2.191.x |
| oracle / communications_cloud_native_core_automated_test_suite | 1.9.0 | 1.9.0.x |
| redhat / openshift_container_platform | 3.11 | 3.11.x |
| redhat / openshift_container_platform | 4.1 | 4.1.x |
org.jenkins-ci.main / jenkins-core
|
- | 2.176.3 |
|
org.jenkins-ci.main / jenkins-core
|
2.177 | 2.192 |