22 matches found
CVE-2022-34182
Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2021-21680
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...
Reflected Cross-site Scripting in Jenkins Nested View Plugin
Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability. Nested View Plugin 1.26 escapes search parameters...
GHSA-H642-5H74-3X9C Reflected Cross-site Scripting in Jenkins Nested View Plugin
Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability. Nested View Plugin 1.26 escapes search parameters...
Jenkins Nested View Plugin Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. An attacker could exploit this vulnerability to perform cross-site scripting...
CVE-2022-34182
Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2022-34182
Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2022-34182
Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...
Cross site scripting
Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2022-34182
CVE-2022-34182 affects Jenkins Nested View Plugin, versions 1.20–1.25. The vulnerability is a reflected cross-site scripting (XSS) due to the plugin not escaping search parameters in user input. The issue is addressed in version 1.26, which escapes search parameters. Therefore, upgrading to 1.26+...
CVE-2022-34182
Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...
PT-2022-22050 · Jenkins · Jenkins Nested View Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Nested View Plugin versions 1.20 through 1.25 Description: The issue is related to a reflected cross-site scripting XSS vulnerability. This occurs because the plugin does not escape search parameters. No information is provided about...
Jenkins Plugin Nested View 跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. An attacker could exploit this vulnerability to perform cross-site scripting...
GHSA-5WC4-W63V-97C3 XXE vulnerability in Jenkins Nested View Plugin
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks. This allows attackers able to configure views to have Jenkins parse a crafted view XML definition that uses external entities for extraction of secrets from the Jenkins...
XXE vulnerability in Jenkins Nested View Plugin
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks. This allows attackers able to configure views to have Jenkins parse a crafted view XML definition that uses external entities for extraction of secrets from the Jenkins...
CVE-2021-21680
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...
CVE-2021-21680
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...
Xxe
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...
CVE-2021-21680
CVE-2021-21680 : Jenkins Nested View Plugin (versions ≤ 1.20) does not configure its XML transformer to disable external entity resolution, enabling XXE attacks via crafted view XML. Public references (OSV, Red Hat, GHSA) indicate that starting with version 1.21 Jenkins disables external entity r...
CVE-2021-21680
Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...