CVE-2019-10349

A stored cross site scripting vulnerability in Jenkins Dependency Graph Viewer Plugin 0.13 and earlier allowed attackers able to configure jobs in Jenkins to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins.
Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:dependency_graph_viewer:*:*:*:*:*:jenkins:*:*

History

No history.

Information

Published : 2019-07-11 14:15

Updated : 2024-11-21 04:18


NVD link : CVE-2019-10349

Mitre link : CVE-2019-10349

CVE.ORG link : CVE-2019-10349


JSON object : View

Products Affected

jenkins

  • dependency_graph_viewer
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')