Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Jenkins Subscribe
Filtered by product Cucumber Living Documentation
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1000144 1 Jenkins 1 Cucumber Living Documentation 2018-05-15 4.3 MEDIUM 6.1 MEDIUM
A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseAction#doDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these files to attack Jenkins users.