Vulnerabilities > Jenkins > S3 Publisher > Low

DATE CVE VULNERABILITY TITLE RISK
2018-05-08 CVE-2018-1000177 Cross-site Scripting vulnerability in Jenkins S3 Publisher
A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly that allows attackers able to control file names of uploaded files to define file names containing JavaScript that would be executed in another user's browser when that user performs some UI actions.
network
jenkins CWE-79
3.5
3.5