43 matches found
Cross-Site Scripting (XSS)
Jenkins Gatling is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a bypass of Content-Security-Policy protections when serving Gatling reports, which allows an attacker to inject and execute malicious scripts through modified report content...
EUVD-2025-23856
Malicious code in bioql PyPI...
EUVD-2025-23855
Malicious code in bioql PyPI...
EUVD-2025-17299
Malicious code in bioql PyPI...
EUVD-2022-4216
Malicious code in bioql PyPI...
CVE-2025-51308
In Gatling Enterprise versions below 1.25.0, a low-privileged user that does not hold the role "admin" could perform a REST API call on read-only endpoints, allowing him to collect some information, due to missing authorization checks...
CVE-2025-51306
In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management...
CVE-2025-51306
In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management...
CVE-2025-51308
In Gatling Enterprise versions below 1.25.0, a low-privileged user that does not hold the role "admin" could perform a REST API call on read-only endpoints, allowing him to collect some information, due to missing authorization checks...
CVE-2025-51306
In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management...
Gatling Enterprise Security Vulnerability
Gatling Enterprise is a load testing and performance testing management platform from Gatling France. A security vulnerability exists in Gatling Enterprise versions prior to 1.25.0 that stems from a lack of authorization checking and could result in a low-privileged user accessing read-only...
PT-2025-32181 · Unknown · Gatling Enterprise
Name of the Vulnerable Software and Affected Versions: Gatling Enterprise versions prior to 1.25.0. Description: Gatling Enterprise is susceptible to an issue where a user with limited privileges, lacking the “admin” role, can execute REST API calls on read-only endpoints. This allows unauthorized...
CVE-2025-51306
In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management...
CVE-2025-51308
In Gatling Enterprise versions below 1.25.0, a low-privileged user that does not hold the role "admin" could perform a REST API call on read-only endpoints, allowing him to collect some information, due to missing authorization checks...
CVE-2025-51308
In Gatling Enterprise versions below 1.25.0, a low-privileged user that does not hold the role "admin" could perform a REST API call on read-only endpoints, allowing him to collect some information, due to missing authorization checks...
CVE-2025-51306
Gatling Enterprise prior to 1.25.0: logging out does not invalidate the session token due to improper session management, allowing continued access after logout. Impact is partial (low confidentiality/integrity) per provided CVSS; remediation is to upgrade to version 1.25.0 or later. No exploitat...
PT-2025-32180 · Gatling · Gatling Enterprise
Name of the Vulnerable Software and Affected Versions: Gatling Enterprise versions prior to 1.25.0. Description: A user logging out of Gatling Enterprise may still be able to use their session token to continue accessing the application without session expiration. This is due to incorrect session...
CVE-2025-51306
In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management...
Gatling Enterprise Security Vulnerability
Gatling Enterprise is a load testing and performance testing management platform from Gatling France. A security vulnerability exists in Gatling Enterprise versions prior to 1.25.0 that stems from improper session management and could result in session tokens remaining available after logout...
CVE-2025-51308
CVE-2025-51308 affects Gatling Enterprise, versions below 1.25.0. A low-privileged user without the admin role can issue REST API calls to read-only endpoints and collect information due to missing authorization checks. The issue is described as unauthorized access to information via read-only en...