CVE-2023-41931

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 6, 2023
Updated: Sep 11, 2023
CWE ID 79

Summary

CVE-2023-41931 is a vulnerability found in Jenkins Job Configuration History Plugin versions 1227.v7a_79fc4dc01f and earlier. This vulnerability allows for stored cross-site scripting (XSS) attacks due to the plugin's failure to properly sanitize or escape the timestamp value in history entries when rendering them on the history view. The affected products include several versions of nt-onz, nt-ony, nt-onx, and others. To remediate this vulnerability, users should update to a version of the plugin that includes a fix for this issue. If left unaddressed, this vulnerability poses a potential danger to organizations as it could be exploited by attackers to inject malicious scripts, potentially leading to unauthorized access, data theft, or other security breaches.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-41931 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options