Search for packages
| purl | pkg:maven/org.jenkins-ci.plugins/htmlpublisher@1.16 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-s4j7-r6m7-tyey
Aliases: CVE-2024-28149 GHSA-8vcg-v7g4-3vr7 |
Jenkins HTML Publisher Plugin does not properly sanitize input Jenkins HTML Publisher Plugin 1.16 through 1.32 (both inclusive) does not properly sanitize input, allowing attackers with Item/Configure permission to implement cross-site scripting (XSS) attacks and to determine whether a path on the Jenkins controller file system exists. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-g6ze-manx-37c3 | Path Traversal A path traversal vulnerability exists in the Jenkins HTML Publisher Plugin that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master. |
CVE-2018-1000175
GHSA-4x63-3p7q-xmh7 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-04T14:30:55.389900+00:00 | GHSA Importer | Fixing | VCID-g6ze-manx-37c3 | https://github.com/advisories/GHSA-4x63-3p7q-xmh7 | 38.1.0 |
| 2026-04-01T16:04:46.313024+00:00 | GHSA Importer | Affected by | VCID-s4j7-r6m7-tyey | https://github.com/advisories/GHSA-8vcg-v7g4-3vr7 | 38.0.0 |
| 2026-04-01T13:08:24.922021+00:00 | GithubOSV Importer | Fixing | VCID-g6ze-manx-37c3 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-4x63-3p7q-xmh7/GHSA-4x63-3p7q-xmh7.json | 38.0.0 |
| 2026-04-01T12:52:36.814836+00:00 | GitLab Importer | Affected by | VCID-s4j7-r6m7-tyey | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.plugins/htmlpublisher/CVE-2024-28149.yml | 38.0.0 |
| 2026-04-01T12:47:40.020400+00:00 | GitLab Importer | Fixing | VCID-g6ze-manx-37c3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.plugins/htmlpublisher/CVE-2018-1000175.yml | 38.0.0 |