CVE-2017-1000109

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
05/10/2017
Last modified:
20/04/2025

Description

The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.1.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.3:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.4:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.4.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.5:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.7:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.0.8:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.0:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1.1:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.1.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.2:*:*:*:*:jenkins:*:*
cpe:2.3:a:jenkins:owasp_dependency-check:1.1.3:*:*:*:*:jenkins:*:*