Lucene search
K

131 matches found

CNNVD
CNNVD
added 2022/03/15 12:0 a.m.4 views

Jenkins List Git Branches Parameter 插件跨站脚本漏洞

Jenkins and Jenkins Plugin are both products of Jenkins, which is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building and deploying projects, and the Jenkins List Git Branches Parameter Plugin 0.0.9 and earlier is vulnerable to a cross-site...

5.4CVSS5.3AI score0.00792EPSS
Exploits0References6
CNVD
CNVD
added 2022/02/17 12:0 a.m.15 views

Jenkins Agent Server Parameter Plugin跨站脚本漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Agent Server Parameter Plugin 1.0 and earlier versions have a cross-site scripting vulnerability that stems from n...

5.4CVSS2.1AI score0.00598EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/02/15 5:15 p.m.5 views

CVE-2022-25189

Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier does not escape parameter names of custom checkbox parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.9AI score0.00598EPSS
Exploits0References2
OSV
OSV
added 2022/02/15 5:15 p.m.3 views

CVE-2022-25189

Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier does not escape parameter names of custom checkbox parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.5 views

PT-2022-17129 · Jenkins · Jenkins Custom Checkbox Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Custom Checkbox Parameter Plugin versions 1.1 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This is due to the plugin not escaping parameter names of custom checkbox parameters. Attacke...

8CVSS5.1AI score0.00598EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/11/12 12:0 a.m.7 views

Jenkins Active Choices 跨站脚本漏洞

Jenkins Active Choices is a Jenkins open source application plugin . Used in parameterized free-form Jenkins jobs to create scripted , dynamic and interactive job parameters . A cross-site scripting vulnerability exists in the Jenkins Plugin, which stems from the Active Choices plugin version 2.5...

5.4CVSS5.4AI score0.88476EPSS
Exploits0References6
OSV
OSV
added 2021/06/16 2:15 p.m.5 views

CVE-2021-21667

Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission...

5.4CVSS5.7AI score0.75742EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/16 12:0 a.m.5 views

Jenkins Scriptler Plugin 跨站脚本漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in the Jenkins Scriptler Plugin that stems from the fact that Jenkins Scriptler Plugin...

5.4CVSS5.8AI score0.75742EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/02/24 12:0 a.m.4 views

PT-2021-14665 · Jenkins · Jenkins Artifact Repository Parameter Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Artifact Repository Parameter Plugin versions 1.0.0 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability because parameter names and descriptions are not escaped. This vulnerability is...

5.4CVSS5.1AI score0.09387EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2020/10/08 12:0 a.m.6 views

PT-2020-15519 · Jenkins · Jenkins Active Choices Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Active Choices Plugin versions 2.4 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability because the name and description of build parameters are not properly escaped. This vulnerability can be...

5.4CVSS5.2AI score0.00911EPSS
Exploits0References8
Kitploit
Kitploit
added 2020/08/24 12:30 p.m.36 views

Parth - Heuristic Vulnerable Parameter Scanner

Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter ?url= usually contains URLs as the value and hence often falls victim to file inclusion, open redirect and SSRF attacks. Parth can go through your burp history, a list of URLs...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/11/13 12:39 p.m.72 views

Arjun v1.1 - HTTP Parameter Discovery Suite

Features Multi-threading 3 modes of detection Regex powered heuristic scanning Huge list of 3370 parameter names Usage Note: Arjun doesn't work with python Note: Arjun uses nano as the default editor for the prompt bu...

7.1AI score
Exploits0References2
OSV
OSV
added 2018/05/10 1:29 p.m.26 views

CVE-2017-2601

Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in parameter names and descriptions SECURITY-353. Users with the permission to configure jobs were able to inject JavaScript into parameter names and descriptions...

5.4CVSS5.4AI score0.02146EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2018/05/10 1:29 p.m.31 views

CVE-2017-2601

Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in parameter names and descriptions SECURITY-353. Users with the permission to configure jobs were able to inject JavaScript into parameter names and descriptions...

6.1CVSS6.7AI score0.02146EPSS
Exploits0References2
Prion
Prion
added 2018/05/10 1:29 p.m.26 views

Cross site scripting

Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in parameter names and descriptions SECURITY-353. Users with the permission to configure jobs were able to inject JavaScript into parameter names and descriptions...

3.5CVSS5.2AI score0.02146EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2018/05/10 12:0 a.m.3 views

PT-2018-7128 · Cloudbees +1 · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 2.44 Jenkins versions prior to 2.32.2 Description: The issue concerns a persisted cross-site scripting vulnerability in parameter names and descriptions. Users with the permission to configure jobs were able to injec...

6.1CVSS5.8AI score0.02146EPSS
Exploits0References14
Cvelist
Cvelist
added 2018/05/10 12:0 a.m.33 views

CVE-2017-2601

Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in parameter names and descriptions SECURITY-353. Users with the permission to configure jobs were able to inject JavaScript into parameter names and descriptions...

6.1CVSS5.4AI score0.02146EPSS
Exploits0References9
Prion
Prion
added 2014/04/07 3:55 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in redirect.php in the Socolissimo module modules/socolissimo/ in PrestaShop before 1.4.7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to "parameter names and values."...

4.3CVSS6AI score0.01825EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2014/04/07 3:0 p.m.55 views

CVE-2012-6641

CVE-2012-6641 is a cross-site scripting (XSS) vulnerability in the PrestaShop Socolissimo module (redirect.php, modules/socolissimo/) that allows injection of arbitrary script/HTML via parameter names and values. Affected software: PrestaShop before 1.4.7.2 (Socolissimo integration). Root cause: ...

4.3CVSS5.7AI score0.01825EPSS
Exploits0References4Affected Software1
myhack58
myhack58
added 2013/02/16 12:0 a.m.21 views

Bubble Amoy(popotao)Amoy program official back door analysis-vulnerability warning-the black bar safety net

Bubble scouring is a pretty good Amoy built Station program, the official web site: http://www.popotao.com the. I was their one of the users of Since the official months are not updated to keep up with Taobao API update speed, so I want to solve on their own, put the official 6 a ZEND encrypted P...

7.3AI score
Exploits0
Rows per page
Query Builder