Jenkins Project Jenkins Warnings Ng Plugin vulnerabilities

2 known vulnerabilities affecting jenkins_project/jenkins_warnings_ng_plugin.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

MEDIUM2

Vulnerabilities

Page 1 of 1

CVE-2019-10325MEDIUMCVSS 5.4v5.0.0 and earlier2019-05-31

CVE-2019-10325 [MEDIUM] CWE-79 CVE-2019-10325: A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacke A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages.

CVE-2019-10326MEDIUMCVSS 4.3v5.0.0 and earlier2019-05-31

CVE-2019-10326 [MEDIUM] CWE-352 CVE-2019-10326: A cross-site request forgery vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed a A cross-site request forgery vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attackers to reset warning counts for future builds.