Skip to main content

Jacoco

1 CVEs product

Monthly

CVE-2023-28669 Maven MEDIUM PATCH This Month

Jenkins JaCoCo Plugin 3.3.2 and earlier does not escape class and method names shown on the UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Jacoco
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins JaCoCo Plugin 3.3.2 and earlier does not escape class and method names shown on the UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Jacoco
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy