Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2023-43495
Jenkins 2.423 and earlier, LTS 2.414.1 and earlier does not escape the value of the 'caption' constructor parameter of 'ExpandableDetailsNote', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control this parameter.
| Software | From | Fixed in |
|---|---|---|
org.jenkins-ci.main / jenkins-core
|
2.50 | 2.414.2 |
|
org.jenkins-ci.main / jenkins-core
|
2.415 | 2.424 |
| jenkins / jenkins | - | 2.424 |
| jenkins / jenkins | - | 2.414.2 |