[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-1003050":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":45,"duplicate_of":9,"upstream":47,"downstream":48,"duplicates":51,"related":52,"reserved_at":9,"published_at":53,"modified_at":54,"state":55,"summary":56,"references_raw":65,"kevs":112,"epss":113,"epss_history":116,"metrics":372,"affected":385},"CVE-2019-1003050","The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],[],[46],"GHSA-qpg9-83fv-x9ch",[],[49],{"_key":50},"RHBA-2019:1605",[],[],"2019-04-10T20:12:30.000Z","2024-08-05T03:07:17.918Z","Modified",{"cisa_kev":57,"cisa_ransomware":57,"cisa_vendor":9,"epss_severity":58,"epss_score":59,"severity":60,"severity_score":61,"severity_version":62,"severity_source":63,"severity_vector":64,"severity_status":55},false,"low",0.00467,"medium",5.4,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",[66,76,83,89,94,99,103,107],{"url":67,"sources":68,"tags":71},"http://www.securityfocus.com/bid/107889",[69,63,70],"cve.org","osv_maven",[72,73,74,75],"VDB Entry","X Refsource BID","Broken Link","WEB",{"url":77,"sources":78,"tags":79},"https://access.redhat.com/errata/RHBA-2019:1605",[69,63,70],[80,81,82,75],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory",{"url":84,"sources":85,"tags":86},"https://www.oracle.com/security-alerts/cpuapr2022.html",[69,63,70],[87,88,82,75],"X Refsource MISC","Patch",{"url":90,"sources":91,"tags":92},"https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327",[69,63,70],[93,80,75],"X Refsource CONFIRM",{"url":95,"sources":96,"tags":97},"https://nvd.nist.gov/vuln/detail/CVE-2019-1003050",[70],[98],"Advisory",{"url":100,"sources":101,"tags":102},"https://github.com/jenkinsci/jenkins/commit/8eb632dda219ec8796420ce58d9564cddf8f8f93",[70],[75],{"url":104,"sources":105,"tags":106},"https://github.com/jenkinsci/jenkins/commit/d393c7e9ba3ec44953ef1f8b11839421e2649ee7",[70],[75],{"url":108,"sources":109,"tags":110},"https://github.com/jenkinsci/jenkins",[70],[111],"PACKAGE",[],{"date":114,"score":59,"percentile":115},"2026-06-04",0.64768,[117,121,124,127,130,133,135,138,140,143,146,149,152,154,157,161,164,167,170,172,175,177,180,183,186,189,192,194,197,200,203,205,207,209,212,214,217,220,223,226,229,232,235,238,241,243,246,249,252,255,257,260,263,266,270,272,274,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,336,339,342,344,347,351,354,357,359,361,363,366,369],{"date":118,"score":119,"percentile":120},"2025-11-04",0.00986,0.76091,{"date":122,"score":119,"percentile":123},"2025-11-05",0.7609,{"date":125,"score":119,"percentile":126},"2025-11-06",0.76086,{"date":128,"score":119,"percentile":129},"2025-11-07",0.76103,{"date":131,"score":119,"percentile":132},"2025-11-08",0.76107,{"date":134,"score":119,"percentile":129},"2025-11-09",{"date":136,"score":119,"percentile":137},"2025-11-10",0.76089,{"date":139,"score":119,"percentile":123},"2025-11-11",{"date":141,"score":119,"percentile":142},"2025-11-12",0.7611,{"date":144,"score":119,"percentile":145},"2025-11-13",0.76118,{"date":147,"score":119,"percentile":148},"2025-11-14",0.76124,{"date":150,"score":119,"percentile":151},"2025-11-15",0.7612,{"date":153,"score":119,"percentile":151},"2025-11-16",{"date":155,"score":119,"percentile":156},"2025-11-17",0.76112,{"date":158,"score":159,"percentile":160},"2025-11-18",0.00531,0.64723,{"date":162,"score":159,"percentile":163},"2025-11-19",0.64732,{"date":165,"score":159,"percentile":166},"2025-11-20",0.6473,{"date":168,"score":119,"percentile":169},"2025-11-21",0.76137,{"date":171,"score":119,"percentile":169},"2025-11-22",{"date":173,"score":119,"percentile":174},"2025-11-23",0.76123,{"date":176,"score":119,"percentile":148},"2025-11-24",{"date":178,"score":119,"percentile":179},"2025-11-25",0.76131,{"date":181,"score":119,"percentile":182},"2025-11-26",0.76136,{"date":184,"score":119,"percentile":185},"2025-11-27",0.76139,{"date":187,"score":119,"percentile":188},"2025-11-28",0.76127,{"date":190,"score":119,"percentile":191},"2025-11-29",0.76133,{"date":193,"score":119,"percentile":179},"2025-11-30",{"date":195,"score":119,"percentile":196},"2025-12-01",0.76257,{"date":198,"score":119,"percentile":199},"2025-12-02",0.76261,{"date":201,"score":119,"percentile":202},"2025-12-03",0.76251,{"date":204,"score":119,"percentile":148},"2025-12-04",{"date":206,"score":119,"percentile":191},"2025-12-05",{"date":208,"score":119,"percentile":182},"2025-12-06",{"date":210,"score":119,"percentile":211},"2025-12-07",0.76132,{"date":213,"score":119,"percentile":182},"2025-12-08",{"date":215,"score":119,"percentile":216},"2025-12-09",0.76162,{"date":218,"score":119,"percentile":219},"2025-12-10",0.76186,{"date":221,"score":119,"percentile":222},"2025-12-11",0.76205,{"date":224,"score":119,"percentile":225},"2025-12-12",0.76228,{"date":227,"score":119,"percentile":228},"2025-12-13",0.7623,{"date":230,"score":119,"percentile":231},"2025-12-14",0.76226,{"date":233,"score":119,"percentile":234},"2025-12-15",0.76223,{"date":236,"score":119,"percentile":237},"2025-12-16",0.76235,{"date":239,"score":119,"percentile":240},"2025-12-17",0.76246,{"date":242,"score":119,"percentile":199},"2025-12-18",{"date":244,"score":119,"percentile":245},"2025-12-19",0.76275,{"date":247,"score":119,"percentile":248},"2025-12-20",0.76269,{"date":250,"score":119,"percentile":251},"2025-12-21",0.76264,{"date":253,"score":119,"percentile":254},"2025-12-22",0.76259,{"date":256,"score":119,"percentile":196},"2025-12-23",{"date":258,"score":119,"percentile":259},"2025-12-24",0.76268,{"date":261,"score":119,"percentile":262},"2025-12-25",0.76289,{"date":264,"score":119,"percentile":265},"2025-12-26",0.76287,{"date":267,"score":268,"percentile":269},"2025-12-27",0.01064,0.77219,{"date":271,"score":119,"percentile":248},"2025-12-28",{"date":273,"score":119,"percentile":251},"2025-12-29",{"date":275,"score":119,"percentile":245},"2025-12-30",{"date":277,"score":119,"percentile":278},"2025-12-31",0.76297,{"date":280,"score":119,"percentile":281},"2026-01-01",0.76432,{"date":283,"score":119,"percentile":284},"2026-01-02",0.76436,{"date":286,"score":119,"percentile":287},"2026-01-03",0.76435,{"date":289,"score":119,"percentile":290},"2026-01-04",0.76307,{"date":292,"score":119,"percentile":293},"2026-01-05",0.76298,{"date":295,"score":119,"percentile":296},"2026-01-06",0.76308,{"date":298,"score":119,"percentile":299},"2026-01-07",0.76319,{"date":301,"score":119,"percentile":302},"2026-01-08",0.76329,{"date":304,"score":119,"percentile":305},"2026-01-09",0.76338,{"date":307,"score":119,"percentile":308},"2026-01-10",0.76339,{"date":310,"score":119,"percentile":311},"2026-01-11",0.76326,{"date":313,"score":119,"percentile":314},"2026-01-12",0.76315,{"date":316,"score":119,"percentile":317},"2026-01-13",0.76316,{"date":319,"score":119,"percentile":320},"2026-01-14",0.76342,{"date":322,"score":119,"percentile":323},"2026-01-15",0.76348,{"date":325,"score":119,"percentile":326},"2026-01-16",0.76359,{"date":328,"score":119,"percentile":329},"2026-01-17",0.76358,{"date":331,"score":119,"percentile":332},"2026-01-18",0.7635,{"date":334,"score":119,"percentile":335},"2026-01-19",0.76345,{"date":337,"score":119,"percentile":338},"2026-01-20",0.76346,{"date":340,"score":119,"percentile":341},"2026-01-21",0.76352,{"date":343,"score":119,"percentile":329},"2026-01-22",{"date":345,"score":119,"percentile":346},"2026-01-23",0.76387,{"date":348,"score":349,"percentile":350},"2026-01-24",0.00967,0.7613,{"date":352,"score":349,"percentile":353},"2026-01-25",0.76117,{"date":355,"score":349,"percentile":356},"2026-01-26",0.76115,{"date":358,"score":349,"percentile":356},"2026-01-27",{"date":360,"score":349,"percentile":148},"2026-01-28",{"date":362,"score":349,"percentile":151},"2026-01-29",{"date":364,"score":349,"percentile":365},"2026-01-30",0.76126,{"date":367,"score":349,"percentile":368},"2026-01-31",0.76125,{"date":370,"score":349,"percentile":371},"2026-02-01",0.76249,[373,383],{"source":63,"cvss_v2_0":374,"cvss_v3_0":9,"cvss_v3_1":379,"cvss_v4_0":9},{"baseScore":375,"baseSeverity":9,"vectorString":376,"impactScore":377,"exploitabilityScore":378},3.5,"AV:N/AC:M/Au:S/C:N/I:P/A:N",2.9,6.8,{"baseScore":61,"baseSeverity":380,"vectorString":64,"impactScore":381,"exploitabilityScore":382},"MEDIUM",4.5,5.9,{"source":70,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":384,"cvss_v4_0":9},{"baseScore":61,"baseSeverity":9,"vectorString":64,"impactScore":381,"exploitabilityScore":382},[386,395,405,421,428],{"ecosystem":9,"name":387,"vendor":388,"product":389,"cpe_part":390,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":391},"Jenkins","jenkins project","jenkins","a",[392],{"version":393,"is_range":57,"range_type":69,"version_start":393,"version_start_type":394,"version_end":393,"version_end_type":394,"fixed_in":9},"2.171 and earlier, LTS 2.164.1 and earlier","including",{"ecosystem":9,"name":387,"vendor":9,"product":387,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":396},[397,402],{"version":398,"is_range":399,"range_type":400,"version_start":9,"version_start_type":9,"version_end":401,"version_end_type":394,"fixed_in":9},"lte2.164.1",true,"cpe","2.164.1",{"version":403,"is_range":399,"range_type":400,"version_start":9,"version_start_type":9,"version_end":404,"version_end_type":394,"fixed_in":9},"lte2.171","2.171",{"ecosystem":406,"name":407,"vendor":408,"product":409,"cpe_part":9,"purl_type":410,"purl_namespace":408,"purl_name":409,"source":9,"versions":411},"Maven","org.jenkins-ci.main:jenkins-core","org.jenkins-ci.main","jenkins-core","maven",[412,417],{"version":413,"is_range":399,"range_type":414,"version_start":9,"version_start_type":9,"version_end":415,"version_end_type":416,"fixed_in":9},"lt2_164_2","ecosystem","2.164.2","excluding",{"version":418,"is_range":399,"range_type":414,"version_start":419,"version_start_type":394,"version_end":420,"version_end_type":416,"fixed_in":9},"gte2_165_lt2_172","2.165","2.172",{"ecosystem":9,"name":422,"vendor":423,"product":424,"cpe_part":390,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":425},"communications cloud native core automated test suite","oracle","communications_cloud_native_core_automated_test_suite",[426],{"version":427,"is_range":57,"range_type":400,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.0",{"ecosystem":9,"name":429,"vendor":430,"product":431,"cpe_part":390,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":432},"openshift container platform","redhat","openshift_container_platform",[433],{"version":434,"is_range":57,"range_type":400,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11"]