4 matches found
JetBrains TeamCity Image Name Cross-Site Scripting Vulnerability
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...
GHSA-JPXJ-VGQ5-PRJC OS command execution vulnerability in Jenkins Docker Commons Plugin
Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize the name of an image or a tag, resulting in an OS command execution vulnerability exploitable by attackers with Item/Configure permission or able to control the contents of a previously configured job's SCM repository...
OpenText Tempo Box Cross-Site Scripting Vulnerability
OpenText Tempo Box is an enterprise-class file management solution from OpenText Canada. The solution supports file sharing between PCs and mobile devices. A cross-site scripting vulnerability exists in OpenText Tempo Box 10.0.3. A remote attacker can exploit this vulnerability to persistently...
CVE-2015-0854
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action...