CVE-2023-41940

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in maven/org.tap4j/tap

Identifiers

CVE-2023-41940

Package Slug

maven/org.tap4j/tap

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

Jenkins TAP Plugin 2.3 and earlier does not escape TAP file contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control TAP file contents.

Affected Versions

All versions up to 2.3

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-09-12

source