cvelist/2017/1000xxx/CVE-2017-1000404.json

{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2017-11-16/"}]},"description": {"description_data": [{"lang": "eng","value": "Delivery Pipeline Plugin used the unescaped content of the query parameter 'fullscreen' in its JavaScript, resulting in a cross-site scripting vulnerability through specially crafted URLs."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.0.7 and earlier"}]},"product_name": "Jenkins Delivery Pipeline Plugin"}]},"vendor_name": "Jenkins Delivery Pipeline Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2017-11-17","ID": "CVE-2017-1000404","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XSS"}]}]}}