Lucene search

2569 matches found

Cvelist
added 2020/03/09 3:1 p.m. · 23 views

CVE-2020-2152

Jenkins Subversion Release Manager Plugin 1.2 and earlier does not escape the error message for the Repository URL field form validation, resulting in a reflected cross-site scripting vulnerability...

AI score 6 · EPSS 0.0124
Exploits: 0 · References: 2
CVE
added 2020/03/09 3:1 p.m. · 97 views

CVE-2020-2152

CVE-2020-2152 affects Jenkins Subversion Release Manager Plugin 1.2 and earlier. A reflected cross-site scripting vulnerability arises because the error message shown for the Repository URL field validation is not escaped, enabling injection via crafted input. The root cause is lack of proper esc...

CVSS 6.1 · AI score 6 · EPSS 0.0124
Exploits: 0 · References: 2 · Affected Software: 1
Positive Technologies
added 2020/03/09 12:0 a.m. · 5 views

PT-2020-15363 · Jenkins · Jenkins Subversion Partial Release Manager Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Subversion Release Manager Plugin versions 1.2 and earlier Description: The issue is related to a reflected cross-site scripting vulnerability. It occurs because the error message for the Repository URL field form validation is not...

CVSS 6.1 · AI score 5.7 · EPSS 0.0124
Exploits: 0 · References: 6
Veracode
added 2020/02/28 4:44 a.m. · 23 views

Information Disclosure

Ansible is vulnerable to information disclosure. The vulnerability exists because the svn command run by the subversion module does not allow a password to be passed securely, allowing the password to be read by a managed node at /proc//cmdline...

CVSS 3.9 · AI score 3.3 · EPSS 0.00358
Exploits: 0 · References: 13 · Affected Software: 1
CNVD
added 2020/02/13 12:0 a.m. · 2 views

CloudBees Jenkins Subversion Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Subversion Plugin is a version control system plugin for the Java-based continuous integration tool from the U.S. company CloudBees. A cross-site scripting vulnerability exists in version 2.13.0 and earlier of the Subversion Plugin in CloudBees Jenkins. The vulnerabili...

CVSS 5.4 · AI score 7.2 · EPSS 0.00922
Exploits: 0 · References: 1
NVD
added 2020/02/12 3:15 p.m. · 17 views

CVE-2020-2111

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability...

CVSS 5.4 · AI score 6.6 · EPSS 0.00922
Exploits: 0 · References: 2
OSV
added 2020/02/12 3:15 p.m. · 12 views

CVE-2020-2111

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability...

CVSS 5.4 · AI score 5.8
Exploits: 0 · References: 2
Prion
added 2020/02/12 3:15 p.m. · 15 views

Cross site scripting

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability...

CVSS 3.5 · AI score 6 · EPSS 0.00922
Exploits: 0 · References: 2 · Affected Software: 1
CVE
added 2020/02/12 2:35 p.m. · 127 views

CVE-2020-2111

CVE-2020-2111 affects the Jenkins Subversion Plugin (versions ≤ 2.13.0). The vulnerability is a stored cross-site scripting (XSS) in the Project Repository Base URL field validation due to improper escaping of error messages. The issue is fixed in Jenkins Subversion Plugin 2.13.1, which escapes t...

CVSS 5.4 · AI score 5.3 · EPSS 0.00922
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2020/02/12 2:35 p.m. · 23 views

CVE-2020-2111

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability...

AI score 6.2 · EPSS 0.00922
Exploits: 0 · References: 2
Positive Technologies
added 2020/02/12 12:0 a.m. · 2 views

PT-2020-15318 · Jenkins · Jenkins Subversion Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Subversion Plugin versions 2.13.0 and earlier Description: The issue is related to a stored cross-site scripting vulnerability. It occurs because the error message for the Project Repository Base URL field form validation is not...

CVSS 5.4 · AI score 6.1 · EPSS 0.00922
Exploits: 0 · References: 7
FreeBSD
added 2020/02/12 12:0 a.m. · 34 views

ansible - subversion password leak from PID

Borja Tarraso reports: A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading...

CVSS 3.9 · AI score 1.8 · EPSS 0.00358
Exploits: 0 · References: 5
Prion
added 2020/02/11 12:15 p.m. · 14 views

Code injection

Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archivename parameter to the Power FS module plugins/action.powerfs/class.PowerFSController.php, a (2) file name to the getTrustSizeOnFileSystem function in the File System Standard modu...

CVSS 10 · AI score 7.8 · EPSS 0.04121
Exploits: 0 · References: 3 · Affected Software: 1
Cvelist
added 2020/02/11 3:58 a.m. · 15 views

CVE-2013-4267

Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archivename parameter to the Power FS module plugins/action.powerfs/class.PowerFSController.php, a (2) file name to the getTrustSizeOnFileSystem function in the File System Standard modu...

AI score 9.8 · EPSS 0.04121
Exploits: 0 · References: 3
ThreatPost
added 2020/02/10 9:7 p.m. · 205 views

BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver

The operators behind the RobbinHood ransomware are using a vulnerable, legacy driver from Taiwan-based motherboard manufacturer Gigabyte in order to get around antivirus protections. The “bring-your-own-bug” tactic is likely to crop up in other attacks going forward, according to security analyst...

CVSS 7.2 · AI score 1.1 · EPSS 0.07799
Exploits: 18 · References: 5
OpenVAS
added 2020/01/23 12:0 a.m. · 24 views

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-1789)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5 · AI score 7.7 · EPSS 0.57822
Exploits: 0 · References: 2
OpenVAS
added 2020/01/23 12:0 a.m. · 31 views

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2550)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8 · AI score 7.2 · EPSS 0.30216
Exploits: 0 · References: 2
OpenVAS
added 2020/01/23 12:0 a.m. · 26 views

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2504)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8 · AI score 7.2 · EPSS 0.30216
Exploits: 0 · References: 2
OpenVAS
added 2020/01/23 12:0 a.m. · 32 views

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2019-2669)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8 · AI score 7.2 · EPSS 0.30216
Exploits: 0 · References: 2
OpenVAS
added 2020/01/23 12:0 a.m. · 29 views

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2017-1176)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8 · AI score 9 · EPSS 0.18892
Exploits: 3 · References: 2