search

jfrog / jenkins-artifactory-plugin

Jenkins artifactory plugin
http://jenkins-ci.org/
115 stars 186 forks source link

[🐸 Frogbot] Update version of org.jenkins-ci.plugins:junit to [1119.1121.vc43d0fc45561] #877

Open github-actions[bot] opened 11 months ago

github-actions[bot] commented 11 months ago
[![](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://github.com/jfrog/frogbot#readme)

πŸ“¦ Vulnerable Dependencies

✍️ Summary

| SEVERITY | CONTEXTUAL ANALYSIS | DIRECT DEPENDENCIES | IMPACTED DEPENDENCY | FIXED VERSIONS | | :---------------------: | :----------------------------------: | :----------------------------------: | :-----------------------------------: | :---------------------------------: | | ![](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/applicableMediumSeverity.png)
Medium | Undetermined | org.jenkins-ci.plugins:junit:1.29 | org.jenkins-ci.plugins:junit:1.29 | [1119.1121.vc43d0fc45561] |

πŸ‘‡ Details

Description:

Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.

[JFrog Frogbot](https://github.com/jfrog/frogbot#readme)