The commit diff shows the vulnerability was fixed by adding Util.xmlEscape() to sanitize the output of Functions.printThrowable(e). The unescaped exception message handling in the form validation error message for repository URLs directly matches the vulnerability description of improper neutralization leading to stored XSS. The function's role in processing user-controlled URL validation and error message generation makes it the clear injection point.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:subversion | maven | < 2.13.1 | 2.13.1 |
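
The escaping step described above, as an added example that is not the plugin's own code: `xmlEscape` and `printThrowable` here are simplified stand-ins for the Jenkins helpers of the same name, and `checkRepositoryUrl`, `errorMarkup` and the sample URL are hypothetical.

```java
import java.io.PrintWriter;
import java.io.StringWriter;

public class ValidationErrorEscaping {
    // Simplified stand-in for hudson.Util.xmlEscape (assumption: escapes <, > and &).
    static String xmlEscape(String text) {
        StringBuilder buf = new StringBuilder(text.length() + 64);
        for (char ch : text.toCharArray()) {
            if (ch == '<') buf.append("&lt;");
            else if (ch == '>') buf.append("&gt;");
            else if (ch == '&') buf.append("&amp;");
            else buf.append(ch);
        }
        return buf.toString();
    }

    // Simplified stand-in for hudson.Functions.printThrowable: the stack trace as text.
    static String printThrowable(Throwable t) {
        StringWriter sw = new StringWriter();
        t.printStackTrace(new PrintWriter(sw, true));
        return sw.toString();
    }

    // Hypothetical check: the rejected URL is echoed in the exception message,
    // which is how user-controlled text reaches the error output.
    static void checkRepositoryUrl(String url) throws Exception {
        if (!url.matches("(https?|svn|svn\\+ssh|file)://[A-Za-z0-9._~:/@%+-]*")) {
            throw new Exception("Malformed repository URL: " + url);
        }
    }

    // Builds the HTML fragment of the validation error; 'escape' toggles the fix.
    static String errorMarkup(String url, boolean escape) {
        try {
            checkRepositoryUrl(url);
            return "";
        } catch (Exception e) {
            String trace = printThrowable(e);
            return "<pre>" + (escape ? xmlEscape(trace) : trace) + "</pre>";
        }
    }

    public static void main(String[] args) {
        // Constructed input: a stored "URL" field that carries markup.
        String url = "https://svn.example.invalid/<b>markup</b>";
        System.out.println("before fix: " + errorMarkup(url, false));
        System.out.println("after fix:  " + errorMarkup(url, true));
    }
}
```

Without escaping, the `<b>` element from the URL field becomes live markup inside the error fragment; with escaping it is rendered as literal text.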