CVE-2024-23905
CVSS v3.1
5.4 (Medium)
EPSS
0.04 % (14th)
Affected Products
1
Advisories
2
Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
Weaknesses
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE Status
- PUBLISHED
- CNA
- Jenkins Project
- Published Date
-
2024-01-24 18:15:09
(7 months ago) - Updated Date
-
2024-01-29 19:26:11
(7 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...