Skip to main content

Kiuwan

1 CVEs product

Monthly

CVE-2021-21666 Maven MEDIUM PATCH This Month

Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins XSS Kiuwan
NVD
CVSS 3.1
6.1
EPSS
1.2%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins XSS Kiuwan
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy