CVE-2017-1000109
published 2017-10-05CVE-2017-1000109: The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability…
medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view.
Affected
63 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | blue_ocean_plugin | — | — |
| jenkins | config_file_provider_plugin | — | — |
| jenkins | credentials_plugin | — | — |
| jenkins | datadog_plugin | — | — |
| jenkins | deploy_to_container_plugin | — | — |
| jenkins | dry_plugin | — | — |
| jenkins | groovy_plugin | — | — |
| jenkins | input_step_plugin | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |
| jenkins | owasp_dependency-check | — | — |