Security Advisory

CVE-2023-35145

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-14 12:53:08

Last updated 2025-01-02 19:05:01

Assigner jenkins

State PUBLISHED

Description

Jenkins Sonargraph Integration Plugin 5.0.1 and earlier does not escape the file path and the project name for the Log file field form validation, resulting in a stored cross-site scripting vulnerability exploitable by attackers with Item/Configure permission.

← Browse all CVEs View on cve.org ↗