CVE-2023-43495

Published: 2023-09-20T17:15Z

Last Modified: 2024-11-21T08:24Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Jenkins 2.423 and earlier, LTS 2.414.1 and earlier does not escape the value of the 'caption' constructor parameter of 'ExpandableDetailsNote', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control this parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt