CVE-2017-1000088

MEDIUM

5.4

CVSS Severity Score

EPSS Score0.0570%

EPSS Percentile32.75th

PublishedOct 5, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links.

Affected Platforms (CPE)

📦

Jenkins

Sidebar Link

<= 1.8

References & Advisories

🔗 https://jenkins.io/security/advisory/2017-07-10/

Related Vulnerabilities

CVE-2005-22647.5

Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar usi...

CVE-2020-367474.3

The Lightweight Sidebar Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including,...

CVE-2007-62054.3

Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before...

CVE-2017-332410.0

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone...