GHSA-5j5r-6mv9-m255

Source
https://github.com/advisories/GHSA-5j5r-6mv9-m255
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/03/GHSA-5j5r-6mv9-m255/GHSA-5j5r-6mv9-m255.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-5j5r-6mv9-m255
Aliases
  • CVE-2024-28156
Published
2024-03-06T18:30:38Z
Modified
2024-05-02T14:15:22.735404Z
Severity
  • 8.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
Jenkins Build Monitor View Plugin vulnerable to stored Cross-site Scripting
Details

Jenkins Build Monitor View Plugin 1.14-860.vd06ef2568b_3f and earlier does not escape Build Monitor View names, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure Build Monitor Views.

Database specific
{
    "nvd_published_at": "2024-03-06T17:15:10Z",
    "cwe_ids": [
        "CWE-79"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2024-03-06T19:27:59Z"
}
References

Affected packages

Maven / org.jenkins-ci.plugins:build-monitor-plugin

Package

Name
org.jenkins-ci.plugins:build-monitor-plugin
Purl
pkg:maven/org.jenkins-ci.plugins/build-monitor-plugin

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Last affected
1.14-860.vd06ef2568b

Affected versions

1.*

1.0+build.5
1.0+build.7
1.0+build.8
1.0+build.9
1.0+build.10
1.0+build.14
1.0+build.20
1.0+build.30
1.0+build.33
1.0+build.50
1.0+build.51
1.0+build.53
1.1+build.59
1.2+build.64
1.3+build.68
1.3+build.70
1.3+build.71
1.3+build.72
1.4+build.102
1.5+build.117
1.5+build.118
1.5+build.119
1.5+build.120
1.5+build.123
1.6+build.130
1.6+build.132
1.6+build.135
1.6+build.138
1.6+build.140
1.6+build.142
1.6+build.149
1.6+build.150
1.6+build.156
1.6+build.159
1.6+build.162
1.6+build.163
1.6+build.164
1.7+build.172
1.8+build.201601050116
1.8+build.201601052013
1.8+build.201601112328
1.9+build.201605021413
1.9+build.201606052339
1.9+build.201606131328
1.10+build.201608030223
1.10+build.201610041454
1.10+build.201611041949
1.11+build.201701152243
1.12+build.201704111018
1.12+build.201708172343
1.12+build.201805070054
1.12+build.201809041621
1.12+build.201809061734
1.13+build.202109302210
1.13+build.202110011108
1.13+build.202110011223
1.13+build.202111180915
1.13+build.202111181729
1.13+build.202111192133
1.13+build.202111200136
1.13+build.202111200525
1.13+build.202111200811
1.13+build.202111200854
1.13+build.202111201725
1.13+build.202111220004
1.13+build.202111221941
1.13+build.202111240043
1.13+build.202111250336
1.13+build.202111291630
1.13+build.202112011911
1.13+build.202112012056
1.13+build.202112022140
1.13+build.202112032101
1.13+build.202112032236
1.13+build.202112061615
1.13+build.202112201543
1.13+build.202112201608
1.13+build.202112271657
1.13+build.202112271752
1.13+build.202201031340
1.13+build.202201031417
1.13+build.202201031653
1.13+build.202201101545
1.13+build.202201101632
1.13+build.202201171452
1.13+build.202201171523
1.13+build.202201171559
1.13+build.202201171633
1.13+build.202201201754
1.13+build.202201201829
1.13+build.202201201901
1.13+build.202201221819
1.13+build.202201311606
1.13+build.202201311641
1.13+build.202201311744
1.13+build.202201311821
1.13+build.202202100032
1.13+build.202202112257
1.13+build.202202112334
1.13+build.202202120059
1.13+build.202202120254
1.13+build.202202141528
1.13+build.202202141611
1.13+build.202202151850
1.13+build.202202212113
1.13+build.202202281553
1.13+build.202203012346
1.13+build.202203020040
1.13+build.202203071536
1.13+build.202203141426
1.13+build.202203211645
1.13+build.202203211713
1.13+build.202203212026
1.13+build.202203221632
1.13+build.202204041554
1.13+build.202204041616
1.13+build.202204041635
1.13+build.202204111503
1.13+build.202204181545
1.13+build.202204241251
1.13+build.202205071934
1.13+build.202205140447
1.14-650.vb_43f505305f6
1.14-651.v429b_16b_db_60e
1.14-653.va_1c684a_30b_ff
1.14-667.vfb_ef30539e07
1.14-681.vd6817317a_2b_7
1.14-702.vf34cc4398955
1.14-717.v3efcdffe8d58
1.14-740.v1df20e5c64b_b_
1.14-744.v35fd6fa_a_26b_2
1.14-745.ve2023a_305f40
1.14-826.vb_a_c11536174d