Security Advisory

CVE-2018-1000604

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-06-26 17:00:00

Last updated 2024-09-16 20:22:59

Assigner mitre

State PUBLISHED

Description

A persisted cross-site scripting vulnerability exists in Jenkins Badge Plugin 1.4 and earlier in BadgeSummaryAction.java, HtmlBadgeAction.java that allows attackers able to control build badge content to define JavaScript that would be executed in another users browser when that other user performs some UI actions.

← Browse all CVEs View on cve.org ↗