Cross-Site Scripting Vulnerability in Jenkins TestLink Plugin 2.12 and Earlier
CVE-2018-1000113 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
A cross-site scripting vulnerability exists in Jenkins TestLink Plugin 2.12 and earlier in TestLinkBuildAction/summary.jelly and others that allow an attacker who can control e.g. TestLink report names to have Jenkins serve arbitrary HTML and JavaScript
Learn more about our Web Application Penetration Testing UK.