CVE-2018-1000426
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000426
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1000426.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-1000426
- Aliases
- Published
- 2019-01-09T23:29:02Z
- Modified
- 2024-10-12T03:01:36.296490Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A cross-site scripting vulnerability exists in Jenkins Git Changelog Plugin 2.6 and earlier in GitChangelogSummaryDecorator/summary.jelly, GitChangelogLeftsideBuildDecorator/badge.jelly, GitLogJiraFilterPostPublisher/config.jelly, GitLogBasicChangelogPostPublisher/config.jelly that allows attackers able to control the Git history parsed by the plugin to have Jenkins render arbitrary HTML on some pages.
- References
Affected packages
Git / github.com/jenkinsci/git-changelog-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jenkinsci/git-changelog-plugin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
1.*
1.0
1.22
git-changelog-1.*
git-changelog-1.1
git-changelog-1.10
git-changelog-1.11
git-changelog-1.12
git-changelog-1.13
git-changelog-1.14
git-changelog-1.15
git-changelog-1.16
git-changelog-1.17
git-changelog-1.18
git-changelog-1.19
git-changelog-1.2
git-changelog-1.20
git-changelog-1.21
git-changelog-1.22
git-changelog-1.23
git-changelog-1.24
git-changelog-1.25
git-changelog-1.26
git-changelog-1.27
git-changelog-1.28
git-changelog-1.29
git-changelog-1.3
git-changelog-1.30
git-changelog-1.31
git-changelog-1.32
git-changelog-1.33
git-changelog-1.34
git-changelog-1.35
git-changelog-1.36
git-changelog-1.37
git-changelog-1.38
git-changelog-1.39
git-changelog-1.4
git-changelog-1.40
git-changelog-1.41
git-changelog-1.42
git-changelog-1.43
git-changelog-1.44
git-changelog-1.45
git-changelog-1.46
git-changelog-1.47
git-changelog-1.48
git-changelog-1.49
git-changelog-1.5
git-changelog-1.50
git-changelog-1.51
git-changelog-1.52
git-changelog-1.53
git-changelog-1.54
git-changelog-1.55
git-changelog-1.56
git-changelog-1.57
git-changelog-1.6
git-changelog-1.7
git-changelog-1.8
git-changelog-1.9
git-changelog-2.*
git-changelog-2.0
git-changelog-2.1
git-changelog-2.2
git-changelog-2.3
git-changelog-2.4
git-changelog-2.5
git-changelog-2.6