Jenkins Continuous Integration with... CVE-2022-28145

- AV AC AU C I A
发布: 2022-04-29
修订: 2022-04-29

Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting (XSS) exploitable by attackers with Item/Configure permission or otherwise able to control report contents.

0%
暂无可用Exp或PoC
当前有0条受影响产品信息