Lucene search
K

48 matches found

RedHat Linux
RedHat Linux
added 2020/06/17 7:38 p.m.3 views

jenkins: Content-Security-Policy headers for files uploaded leads to XSS

Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability...

5.4CVSS6AI score0.01159EPSS
Exploits0References5
CNVD
CNVD
added 2017/01/18 12:0 a.m.5 views

GeniXCMS Cross-Site Scripting Vulnerability (CNVD-2017-00738)

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF that provides modules for user management, content management and menu management. A cross-site scripting vulnerability exists in GeniXCMS. A remote attacker can inject arbitrary web script or HTML code via build...

6.1CVSS6.1AI score0.01143EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2016/08/24 7:41 p.m.4 views

jenkins: Arbitrary build parameters are passed to build scripts as environment variables (SECURITY-170)

Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...

6.5CVSS5.9AI score0.02124EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/06/06 7:6 p.m.5 views

jenkins: Arbitrary build parameters are passed to build scripts as environment variables (SECURITY-170)

Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...

6.5CVSS5.9AI score0.02124EPSS
Exploits0References5
OSV
OSV
added 2016/05/17 2:8 p.m.11 views

CVE-2016-3721

Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...

6.5CVSS5AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2016/05/17 2:8 p.m.33 views

CVE-2016-3721

Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...

6.5CVSS6.9AI score0.02124EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2016/05/17 12:0 a.m.28 views

CVE-2016-3721

Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...

6.5AI score0.02124EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2016/05/12 8:49 a.m.34 views

CVE-2016-3721

Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...

4CVSS4.9AI score0.02124EPSS
Exploits0References2
Rows per page
Query Builder