Home

CVE-2019-1003042

Description

A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin.

Risk Information

Base Score
5.4
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.101

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2019-1003042 are fixed in 6wind - lockable-resources 2.5Windows
Vulnerabilities CVE-2019-1003042 are fixed in 6wind - lockable-resources for Linux 2.5Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234