CVE-2017-1000102 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-1000102 Interim 1 5 2025-05-01T01:15:10Z current 2021-05-30T14:05:59Z 2025-05-01T01:15:10Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-1000102 The Details view of some Static Analysis Utilities based plugins, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to these plugins, for example the console output which is parsed to extract build warnings (Warnings Plugin), could insert arbitrary HTML into this view. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings The Details view of some Static Analysis Utilities based plugins, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to these plugins, for example the console output which is parsed to extract build warnings (Warnings Plugin), could insert arbitrary HTML into this view. CVE-2017-1000102 moderate 3.5 AV:N/AC:M/Au:S/C:N/I:P/A:N 5.4 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N