Lucene search
K

4 matches found

Prion
Prion
added 2023/06/14 1:15 p.m.22 views

Cross site scripting

Jenkins Sonargraph Integration Plugin 5.0.1 and earlier does not escape the file path and the project name for the Log file field form validation, resulting in a stored cross-site scripting vulnerability exploitable by attackers with Item/Configure permission...

4.9CVSS5.2AI score0.00656EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.4 views

PT-2023-25164 · Jenkins · Jenkins Sonargraph Integration Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Sonargraph Integration Plugin versions 5.0.1 and earlier Description: The issue is related to a stored cross-site scripting vulnerability. It occurs because the file path and the project name for the Log file field form validation are...

5.4CVSS5.9AI score0.00656EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/06/14 12:0 a.m.6 views

Jenkins Plugin Sonargraph Integration 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.4CVSS5.6AI score0.00656EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/07/02 12:0 a.m.8 views

PT-2020-15415 · Jenkins · Jenkins Sonargraph Integration Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Sonargraph Integration Plugin versions 3.0.0 and earlier Description: The issue results in a stored cross-site scripting vulnerability due to the failure to escape the file path for the Log file field form validation. This can be...

5.4CVSS5.2AI score0.00735EPSS
Exploits0References7
Rows per page
Query Builder