CVE-2021-21610 – Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not implement any restrictions for …

13 January 2021

Vuln ID: CVE-2021-21610

Published: 2021-01-13 16:15:14Z

Description: Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not implement any restrictions for the URL rendering a formatted preview of markup passed as a query parameter, resulting in a reflected cross-site scripting (XSS) vulnerability if the configured markup formatter does not prohibit unsafe elements (JavaScript) in markup.

Source: NVD.NIST.GOV

Date:

13 January 2021

Categorie(s):

NVD

Tag(s):

NVD

Akira Ransomware Group Rakes in $42m, 250 Organizations Impacted19 April 2024
Germany cuffs alleged Russian spies over plot to bomb industrial and military targets19 April 2024
Sorenson Capital leads $7.95M seed investment in cyberthreat intelligence provider VulnCheck19 April 2024
How AI Enhances Cybersecurity: Expert Insights from Khurram Mir of Kualitatem19 April 2024
LastPass users targeted by vishing attackers19 April 2024