23 matches found
The vulnerability of the “Create poll” module in the YOP Poll plugin of the WordPress content management system allows a hacker to perform cross-site scripting attacks.
The vulnerability of the “Create poll” module in the YOP Poll plugin of the WordPress content management system is related to the lack of protection for website structure when processing parameters such as “Vote Button Label”, “Show Results Link”, and “Display Back to vote Link”. Exploiting this...
GHSA-WV63-GWR9-5C55 Stored XSS vulnerability in Jenkins button labels
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape button labels in the Jenkins UI. This results in a cross-site scripting vulnerability exploitable by attackers with the ability to control button labels. An example of buttons with a user-controlled label are the buttons of the...
jenkins: Stored XSS vulnerability in button labels
A flaw was found in jenkins. A cross-site scripting XSS vulnerability, due to the button labels not being properly escaped, can allow an attacker to control button labels. The highest threat from this vulnerability is to data confidentiality and integrity...