90 matches found
CVE-2024-28149
Jenkins HTML Publisher Plugin 1.16 through 1.32 both inclusive does not properly sanitize input, allowing attackers with Item/Configure permission to implement cross-site scripting XSS attacks and to determine whether a path on the Jenkins controller file system exists...
Jenkins HTML Publisher Plugin Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability ...
PT-2024-2096 · Jenkins · Jenkins Html Publisher Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins HTML Publisher Plugin versions 1.32 and earlier Description: The issue is related to the incorrect restriction of the directory path name with limited access. Exploitation may allow a remote attacker to read arbitrary files using a...
PT-2024-2110 · Jenkins · Jenkins Html Publisher Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins HTML Publisher Plugin versions 1.16 through 1.32 Description: The issue arises from the plugin's failure to properly sanitize input, allowing attackers with Item/Configure permission to implement cross-site scripting XSS attacks. This...
Jenkins HTML Publisher Plugin Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Jenkins HTML Publisher Plugin Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability ...
SUSE CVE-2018-1000175
A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master...
GHSA-Q829-HRMC-84C8 Jenkins HTML Publisher Plugin vulnerable to Cross-site Scripting
Jenkins HTML Publisher Plugin prior to version 1.21 did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those. This issue has been patched in version 1.21...
Jenkins HTML Publisher Plugin vulnerable to Cross-site Scripting
Jenkins HTML Publisher Plugin prior to version 1.21 did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those. This issue has been patched in version 1.21...
GHSA-4X63-3P7Q-XMH7 Jenkins HTML Publisher Plugin path traversal vulnerability
A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master. In version 1.16, non-alphanumeric characters in report names a...
Jenkins HTML Publisher Plugin path traversal vulnerability
A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master. In version 1.16, non-alphanumeric characters in report names a...
RHEL 7 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:4055)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:4055 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
jenkins-2-plugins: Stored XSS vulnerability in HTML Publisher Plugin
Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those...
jenkins-2-plugins: Stored XSS vulnerability in HTML Publisher Plugin
Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.2 jenkins-2-plugins security update
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2019-10432
Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those...
CloudBees Jenkins HTML Publisher Plugin XSS Injection Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release , test projects and some timed tasks . Dependency Graph Viewer Plugin is used in whi...
CVE-2019-10432
Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those...
CVE-2019-10432
Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those...
Cross site scripting
Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the project and build display names in the HTML report frame, resulting in a cross-site scripting vulnerability exploitable by users able to change those...