SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Jenkins plugin Matrix Project Stored XSS

Category: WEB-ATTACKS      

Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label names, and label descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1774


Relevant Information