Vulnerabilities > Jenkins > RED HAT Dependency Analytics > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-24 CVE-2024-23905 Cross-site Scripting vulnerability in Jenkins RED HAT Dependency Analytics 0.7.0/0.7.1
Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc.
network
low complexity
jenkins CWE-79
5.4