CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

RedhatCVE•added 2025/05/22 11:13 p.m.•2 views

CVE-2022-34182

Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...

6.1CVSS6AI score0.14806EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:11 p.m.•5 views

CVE-2021-21680

Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...

7.1CVSS6.7AI score0.00168EPSS

Exploits0References1

Github Security Blog•added 2022/06/24 12:0 a.m.•17 views

Reflected Cross-site Scripting in Jenkins Nested View Plugin

Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability. Nested View Plugin 1.26 escapes search parameters...

6.1CVSS6.1AI score0.14806EPSS

Exploits0References4Affected Software1

OSV•added 2022/06/24 12:0 a.m.•13 views

GHSA-H642-5H74-3X9C Reflected Cross-site Scripting in Jenkins Nested View Plugin

8.8CVSS6.1AI score0.14806EPSS

Exploits0References4

NVD•added 2022/06/23 5:15 p.m.•9 views

CVE-2022-34182

Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...

6.1CVSS0.14806EPSS

Exploits0References1

OSV•added 2022/06/23 5:15 p.m.•17 views

CVE-2022-34182

Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...

6.1CVSS6AI score

Exploits0References1

Prion•added 2022/06/23 5:15 p.m.•12 views

Cross site scripting

Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...

4.3CVSS5.9AI score0.14806EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/06/22 2:41 p.m.•11 views

CVE-2022-34182

Jenkins Nested View Plugin 1.20 through 1.25 both inclusive does not escape search parameters, resulting in a reflected cross-site scripting XSS vulnerability...

7.3AI score0.14806EPSS

Exploits0References1

CVE•added 2022/06/22 2:41 p.m.•82 views

CVE-2022-34182

CVE-2022-34182 affects Jenkins Nested View Plugin, versions 1.20–1.25. The vulnerability is a reflected cross-site scripting (XSS) due to the plugin not escaping search parameters in user input. The issue is addressed in version 1.26, which escapes search parameters. Therefore, upgrading to 1.26+...

6.1CVSS5.9AI score0.14806EPSS

Exploits0References1Affected Software1

OSV•added 2022/05/24 7:12 p.m.•21 views

GHSA-5WC4-W63V-97C3 XXE vulnerability in Jenkins Nested View Plugin

Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks. This allows attackers able to configure views to have Jenkins parse a crafted view XML definition that uses external entities for extraction of secrets from the Jenkins...

7.1CVSS7AI score0.00168EPSS

Exploits0References5

Github Security Blog•added 2022/05/24 7:12 p.m.•21 views

XXE vulnerability in Jenkins Nested View Plugin

7.1CVSS6.6AI score0.00168EPSS

Exploits0References5Affected Software1

OSV•added 2021/08/31 2:15 p.m.•16 views

CVE-2021-21680

Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...

7.1CVSS6.7AI score

Exploits0References2

NVD•added 2021/08/31 2:15 p.m.•14 views

CVE-2021-21680

Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...

7.1CVSS0.00168EPSS

Exploits0References2

Prion•added 2021/08/31 2:15 p.m.•12 views

Xxe

Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...

5.5CVSS6.8AI score0.00168EPSS

Exploits0References2Affected Software1

CVE•added 2021/08/31 1:50 p.m.•63 views

CVE-2021-21680

CVE-2021-21680 : Jenkins Nested View Plugin (versions ≤ 1.20) does not configure its XML transformer to disable external entity resolution, enabling XXE attacks via crafted view XML. Public references (OSV, Red Hat, GHSA) indicate that starting with version 1.21 Jenkins disables external entity r...

7.1CVSS7AI score0.00168EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/08/31 1:50 p.m.•17 views

CVE-2021-21680

Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks...

7.3AI score0.00168EPSS

Exploits0References2

Positive Technologies•added 2021/08/31 12:0 a.m.•5 views

PT-2021-14723 · Jenkins · Jenkins Nested View Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Nested View Plugin versions 1.20 and earlier Description: The issue arises from the Jenkins Nested View Plugin not configuring its XML transformer to prevent XML external entity XXE attacks. This allows attackers who can configure vie...

7.1CVSS6.8AI score0.00168EPSS

Exploits0References8

CNNVD•added 2021/08/31 12:0 a.m.•2 views

Jenkins 代码问题漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A code issue vulnerability exists in Jenkins Nested View Plugin 1.20 and earlier, which arises from an improperly designe...

7.1CVSS7.2AI score0.00168EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by