Persisted Cross-Site Scripting in DRY Plugin by Static Analysis Utilities
CVE-2017-1000103

5.4MEDIUM

Key Information:

Vendor

Jenkins
Status
Dry
Vendor
CVE Published:
4 October 2017

What is CVE-2017-1000103?

The DRY Plugin by Static Analysis Utilities was found to be susceptible to a persisted cross-site scripting vulnerability. This can allow malicious users to manipulate user input, injecting arbitrary HTML content into the custom Details view of the plugin. This vulnerability poses a risk as it can be exploited to deliver harmful scripts to users, potentially compromising their data and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://jenkins.io/security/advisory/2017-08-07/
x_refsource_CONFIRM
http://www.securityfocus.com/bid/101061
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.