CVE-2019-10335 is a vulnerability in Jenkins Electricflow
Published on June 11, 2019

A stored cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and earlier allowed attackers able to configure jobs in Jenkins or control the output of the ElectricFlow API to inject arbitrary HTML and JavaScript in the plugin-provided output on build status pages.

NVD

Products Associated with CVE-2019-10335

Want to know whenever a new CVE is published for Jenkins Electricflow? stack.watch will email you.

Jenkins Electricflow

Affected Versions

Jenkins project Jenkins ElectricFlow Plugin Version 1.1.5 and earlier is affected by CVE-2019-10335

Exploit Probability

EPSS

0.06%

Percentile

17.96%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-10335 is a vulnerability in Jenkins ElectricflowPublished on June 11, 2019

Products Associated with CVE-2019-10335

Affected Versions

Exploit Probability

CVE-2019-10335 is a vulnerability in Jenkins Electricflow
Published on June 11, 2019