VYPR

Jenkins Maven Repository Server Plugin

by Jenkins Project

CVEs (2)

  • CVE-2023-35144MedJun 14, 2023
    risk 0.35cvss 5.4epss 0.01

    Jenkins Maven Repository Server Plugin 1.10 and earlier does not escape project and build display names on the Build Artifacts As Maven Repository page, resulting in a stored cross-site scripting (XSS) vulnerability.

  • CVE-2023-35143MedJun 14, 2023
    risk 0.35cvss 5.4epss 0.01

    Jenkins Maven Repository Server Plugin 1.10 and earlier does not escape the versions of build artifacts on the Build Artifacts As Maven Repository page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control maven project versions…