CVE-2019-10336 is a vulnerability in Jenkins Electricflow
Published on June 11, 2019

A reflected cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.6 and earlier allowed attackers able to control the output of the ElectricFlow API to inject arbitrary HTML and JavaScript in job configuration forms containing post-build steps provided by this plugin.

NVD

Products Associated with CVE-2019-10336

Want to know whenever a new CVE is published for Jenkins Electricflow? stack.watch will email you.

Jenkins Electricflow

Affected Versions

Jenkins project Jenkins ElectricFlow Plugin Version 1.1.6 and earlier is affected by CVE-2019-10336

Exploit Probability

EPSS

0.07%

Percentile

19.93%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-10336 is a vulnerability in Jenkins ElectricflowPublished on June 11, 2019

Products Associated with CVE-2019-10336

Affected Versions

Exploit Probability

CVE-2019-10336 is a vulnerability in Jenkins Electricflow
Published on June 11, 2019