CVE-2021-21648
published 2021-05-11CVE-2021-21648: Jenkins Credentials Plugin 2.3.18 and earlier does not escape user-controlled information on a view it provides, resulting in a reflected cross-site scripting…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Jenkins Credentials Plugin 2.3.18 and earlier does not escape user-controlled information on a view it provides, resulting in a reflected cross-site scripting (XSS) vulnerability.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | credentials | <= 2.3.18 | — |
| jenkins | credentials_plugin | — | — |
| jenkins | dashboard_view_plugin | — | — |
| jenkins | ids_in_xray_test_management_for_jira_plugin | — | — |
| jenkins | p4_plugin | — | — |
| jenkins | s3_publisher_plugin | — | — |
| jenkins | xcode_integration_plugin | — | — |
| jenkins | xray_test_management_for_jira_plugin | — | — |
| jenkins_project | jenkins_credentials_plugin | unspecified – 2.3.18 | — |