Lucene search
K

4 matches found

CVE
CVE
added 2026/06/24 1:20 p.m.9 views

CVE-2026-57297

CVE-2026-57297 affects Jenkins via the Contrast Continuous Application Security Plugin (3.11 and earlier). The issue is a missing permission check that lets attackers with Overall/Read access cause a connection to an attacker‑specified URL using attacker‑provided credentials (username, API key, s...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51809

Name of the Vulnerable Software and Affected Versions Jenkins Contrast Continuous Application Security Plugin versions prior to 3.12 Description Missing permission checks allow users with Overall/Read permission to enumerate the names of configured Contrast metadata. Recommendations Update Jenkin...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 11:59 p.m.10 views

CVE-2022-43420

Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control or modify Contrast service API responses...

5.4CVSS5.4AI score0.00639EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/19 12:0 a.m.5 views

Jenkins Contrast Continuous Application Security Plugin 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site scripting...

5.4CVSS5.5AI score0.00639EPSS
Exploits0References5
Rows per page
Query Builder