12 matches found
EUVD-2022-4867
Malicious code in bioql PyPI...
EUVD-2022-5758
Malicious code in bioql PyPI...
CVE-2020-2193
Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the parser identifier when rendering charts, resulting in a stored cross-site scripting vulnerability...
CVE-2020-2194
Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart, resulting in a stored cross-site scripting vulnerability...
GHSA-Q397-W28F-JX97 Stored XSS vulnerability in Jenkins ECharts API Plugin
ECharts API Plugin 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart. This results in a stored cross-site scripting XSS vulnerability that can be exploited by users with Run/Update permission. ECharts API Plugin 4.7.0-4 escapes the display name...
CloudBees Jenkins ECharts API Plugin Cross-Site Scripting Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . ECharts API Plugin is used in one of the chart...
CloudBees Jenkins ECharts API Plugin Cross-Site Scripting Vulnerability (CNVD-2020-33741)
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . ECharts API Plugin is used in one of the chart...
CVE-2020-2193
Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the parser identifier when rendering charts, resulting in a stored cross-site scripting vulnerability...
CVE-2020-2194
Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart, resulting in a stored cross-site scripting vulnerability...
Cross site scripting
Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the parser identifier when rendering charts, resulting in a stored cross-site scripting vulnerability...
CVE-2020-2194
Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart, resulting in a stored cross-site scripting vulnerability...
PT-2020-15408 · Jenkins · Jenkins Echarts Api Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins ECharts API Plugin versions 4.7.0-3 and earlier Description: The issue results in a stored cross-site scripting vulnerability due to the failure to escape the display name of the builds in the trend chart. This can be exploited by use...