Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe
Filtered by product Cucumber Living Documentation
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1000144 1 Jenkins 1 Cucumber Living Documentation 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseAction#doDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these files to attack Jenkins users.