Skip to main content

Dashboard View

3 CVEs product

Monthly

CVE-2022-27197 Maven MEDIUM PATCH This Month

Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Dashboard View
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2021-21649 Maven MEDIUM PATCH This Month

Jenkins Dashboard View Plugin 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Dashboard View
NVD
CVSS 3.1
5.4
EPSS
72.7%
CVE-2019-10396 Maven MEDIUM PATCH This Month

Jenkins Dashboard View Plugin 2.11 and earlier did not escape build descriptions, resulting in a cross-site scripting vulnerability exploitable by users able to change build descriptions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Dashboard View
NVD
CVSS 3.1
5.4
EPSS
0.7%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Dashboard View
NVD
EPSS 73% CVSS 5.4
MEDIUM PATCH This Month

Jenkins Dashboard View Plugin 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Dashboard View
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins Dashboard View Plugin 2.11 and earlier did not escape build descriptions, resulting in a cross-site scripting vulnerability exploitable by users able to change build descriptions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Dashboard View
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy