286 matches found

CNNVD
added 2021/05/11 12:0 a.m., 3 views

Jenkins cross-site request forgery vulnerability

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release and testing projects and to run scheduled tasks. A cross-site request forgery...

CVSS 7.1, AI score 5.7, EPSS 0.00522
Exploits 0, References 4

OSV
added 2021/04/13 5:15 p.m., 0 views

CVE-2021-28973

The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks...

CVSS 4.9, AI score 5.8
Exploits 0, References 1

NVD
added 2021/04/13 5:15 p.m., 9 views

CVE-2021-28973

The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks...

CVSS 4.9, EPSS 0.00891
Exploits 1, References 1

Prion
added 2021/04/13 5:15 p.m., 14 views

Input validation

The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks...

CVSS 4, AI score 5.1, EPSS 0.00891
Exploits 1, References 1, Affected Software 1

Cvelist
added 2021/04/13 4:42 p.m., 13 views

CVE-2021-28973

The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks...

AI score 5.5, EPSS 0.00891
Exploits 1, References 1

CVE
added 2021/04/13 4:42 p.m., 42 views

CVE-2021-28973

CVE-2021-28973 affects Perforce Helix ALM 2020.3.1 Build 22, where the XML Import functionality processes XML input with an insecurely configured XML parser. This leads to XXE attacks. The connected Red Hat entry confirms the same description. The documents do not provide explicit exploitation ...

CVSS 4.9, AI score 5.1, EPSS 0.00891
Exploits 1, References 1, Affected Software 1

CNNVD
added 2021/04/13 12:0 a.m., 3 views

Perforce Software Perforce Helix ALM buffer error vulnerability

Perforce Software Perforce Helix ALM is an application software from Perforce Software, Inc. It provides application lifecycle management for products. Perforce Helix ALM 2020.3.1 Build 22 suffers from a buffer error vulnerability that originates from the XML import function of the management...

CVSS 5.3, AI score 6, EPSS 0.0103
Exploits 0, References 4

CNNVD
added 2021/04/13 12:0 a.m., 5 views

Perforce Software Perforce Helix ALM code issue vulnerability

Perforce Software Perforce Helix ALM is an application software from Perforce Software, Inc. It provides application lifecycle management for products. A security vulnerability exists in Perforce Helix ALM 2020.3.1 Build 22, which stems from the XML Import feature accepting XML input data parsed ...

CVSS 4.9, AI score 5.3, EPSS 0.00891
Exploits 1, References 2

CNVD
added 2020/09/18 12:0 a.m., 2 views

CloudBees Jenkins P4 Plugin Authorization Issue Vulnerability

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release and test projects and some scheduled tasks. P4 Plugin is used in one of the Perforce...

CVSS 4.3, AI score 7.1, EPSS 0.00615
Exploits 0, References 1

CNVD
added 2020/03/19 12:0 a.m., 3 views

CloudBees Jenkins P4 plugin cross-site request forgery vulnerability

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release and test projects and some scheduled tasks. P4 Plugin is used in one of the Perforce...

CVSS 4.3, AI score 6.8, EPSS 0.00636
Exploits 0, References 1

OSV
added 2020/03/09 4:15 p.m., 2 views

CVE-2020-2141

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add labels in Perforce...

CVSS 4.3, AI score 5.7, EPSS 0.00636
Exploits 0, References 2

NVD
added 2020/03/09 4:15 p.m., 10 views

CVE-2020-2141

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add labels in Perforce...

CVSS 4.3, AI score 4.5, EPSS 0.00636
Exploits 0, References 2

Prion
added 2020/03/09 4:15 p.m., 11 views

Cross-site request forgery (CSRF)

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add labels in Perforce...

CVSS 4.3, AI score 4.5, EPSS 0.00636
Exploits 0, References 2, Affected Software 1

CVE
added 2020/03/09 3:0 p.m., 69 views

CVE-2020-2141

Jenkins P4 Plugin ≤1.10.10 is affected by a cross-site request forgery vulnerability that lets an attacker trigger builds or add labels in Perforce. Root cause: the web app does not adequately validate request origin. Impact: CSRF with I=Low, UI interaction required; no confidentiality or availab...

CVSS 4.3, AI score 4.5, EPSS 0.00636
Exploits 0, References 2, Affected Software 1

Cvelist
added 2020/03/09 3:0 p.m., 13 views

CVE-2020-2141

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add labels in Perforce...

AI score 4.5, EPSS 0.00636
Exploits 0, References 2

Positive Technologies
added 2020/03/09 12:0 a.m., 4 views

PT-2020-15352 · Jenkins · Jenkins P4 Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.10.10 and earlier
Description: A cross-site request forgery issue allows attackers to trigger builds or add labels in Perforce.
Recommendations: For Jenkins P4 Plugin versions 1.10.10 and earlier, update to a...

CVSS 4.3, AI score 4.4, EPSS 0.00636
Exploits 0, References 6

CNVD
added 2020/02/20 12:0 a.m., 0 views

Perforce P4web Cross-Site Scripting Vulnerability (CNVD-2020-13886)

Perforce is a version control software and Perforce P4web is a client software. A cross-site scripting vulnerability exists in Perforce P4web versions 2011.1 and 2012.1. The vulnerability stems from a failure of the web application to properly validate client-side data. An attacker could exploit...

CVSS 6.1, AI score 6.3, EPSS 0.01504
Exploits 1, References 1

NVD
added 2020/02/12 3:15 p.m., 18 views

CVE-2013-1410

Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilities...

CVSS 6.1, AI score 6.3, EPSS 0.01504
Exploits 1, References 2

Prion
added 2020/02/12 3:15 p.m., 10 views

Cross-site scripting

Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilities...

CVSS 4.3, AI score 6.5, EPSS 0.01504
Exploits 1, References 2, Affected Software 1

CVE
added 2020/02/12 2:57 p.m., 45 views

CVE-2013-1410

CVE-2013-1410 corresponds to multiple XSS vulnerabilities in Perforce P4web, affecting versions 2011.1 and 2012.1. The included documents describe an issue where the web application fails to properly validate client-side data, enabling cross-site scripting. Public scoring from NVD indicates CVSS v...

CVSS 6.1, AI score 6.2, EPSS 0.01504
Exploits 1, References 2, Affected Software 1
