Ubuntu: Security Advisory (USN-5372-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:1162-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:1161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : subversion (SUSE-SU-2022:1162-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1162-1 advisory. - Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths...

Debian DSA-5119-1 : subversion - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5119 advisory. - Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured...

FreeBSD : Subversion -- Multiple vulnerabilities in server code (3a1dc8c8-bb27-11ec-98d1-d43d7eed0ce2)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3a1dc8c8-bb27-11ec-98d1-d43d7eed0ce2 advisory. - Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal...

CVE-2022-29046

Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags and more parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-29048

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL...

CVE-2022-29048

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL...

CVE-2022-29046

Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags and more parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

Cross site scripting

Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags and more parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL...

CVE-2022-29048

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL...

CVE-2022-29046

Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags and more parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-29048

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL...

CVE-2022-29048

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL...

CVE-2022-29048

CVE-2022-29048 is a CSRF vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier. The issue allows attackers to cause the application to connect to an attacker-specified URL. Public documents in the connected set confirm the plugin version range and the CSRF nature, but do not provide patch...

EUVD-2022-1859

Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags and more parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-29046

Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags and more parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-29046

CVE-2022-29046 affects the Jenkins Subversion Plugin (2.15.3 and earlier). The stored XSS originates from insufficient escaping of the List Subversion tags (and related) parameters on parameter-displaying views, enabling an attacker with Item/Configure permission to inject scripts. Public referen...