Vulnerabilities > Jenkins > Edgewall Trac > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-25 | CVE-2023-46659 | Cross-site Scripting vulnerability in Jenkins Edgewall Trac Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | 5.4 |