Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Jenkins Active Choices Plugin 2.5.6 and earlier does not escape the parameter name of reactive parameters and dynamic reference parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jenkins Active Choices 跨站脚本漏洞
Vulnerability Description
Jenkins Active Choices 是 Jenkins开源的一个应用插件。用于参数化的自由式Jenkins作业中,以创建脚本化,动态和交互式作业参数。 Jenkins Plugin 存在跨站脚本漏洞,该漏洞源于 Active Choices 插件 2.5.6 版本及更早版本不会转义反应参数和动态参考参数的参数名称。
CVSS Information
N/A
Vulnerability Type
N/A