18 matches found
EUVD-2023-0762
Malicious code in bioql PyPI...
EUVD-2022-5753
Malicious code in bioql PyPI...
EUVD-2022-7196
Malicious code in bioql PyPI...
jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources...
jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources...
jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources...
RHCOS 4 : OpenShift Container Platform 4.10.58 (RHSA-2023:1866)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1866 advisory.
- jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
- jenkins-2-plugins/pipeline-build-step: Stored X...
jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources...
SUSE CVE-2018-1000056
Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...
CVE-2023-25761
Jenkins JUnit Plugin 1166.va436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin...
Cross site scripting
Jenkins JUnit Plugin 1159.v0b396e1e07dd and earlier converts HTTPS URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-45380
Jenkins JUnit Plugin 1159.v0b396e1e07dd and earlier converts HTTPS URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-34176
Jenkins JUnit Plugin 1119.vaa5e9068dad7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission...
GHSA-X9GM-M8PP-54VX Jenkins JUnit Plugin CSRF vulnerability
A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestObject.java that allows setting the description of a test result...
CVE-2018-1000411
A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestObject.java that allows setting the description of a test result...
CVE-2018-1000411
A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestObject.java that allows setting the description of a test result...
Fedora Update for jenkins-junit-plugin FEDORA-2016-f3b40fcbc3
The remote host is missing an update for the...
Fedora Update for jenkins-junit-plugin FEDORA-2014-15776
The remote host is missing an update for the...