CVE-2017-1000392

CVE-2017-1000392

Jenkins 2.88 and earlier; 2.73.2 and earlier Autocompletion suggestions for text fields were not escaped, resulting in a persisted cross-site scripting vulnerability if the source for the suggestions allowed specifying text that includes HTML metacharacters like less-than and greater-than characters.

Source: CVE-2017-1000392

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다