漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature "GitHub hook trigger for GITScm polling", resulting in a stored cross-site scripting (XSS) vulnerability exploitable by non-anonymous attackers with Overall/Read permission.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jenkins GitHub Plugin 跨站脚本漏洞
Vulnerability Description
Jenkins GitHub Plugin是Jenkins开源的一个为持续集成系统提供与代码托管平台集成功能的插件。 Jenkins GitHub Plugin 1.46.0及之前版本存在跨站脚本漏洞,该漏洞源于处理当前作业URL时JavaScript验证不当,可能导致存储型跨站脚本攻击,可由具有Overall/Read权限的非匿名攻击者利用。
CVSS Information
N/A
Vulnerability Type
N/A