11 matches found
EUVD-2022-2884
Malicious code in bioql PyPI...
CVE-2020-2137
Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML formatting of its output, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...
Stored XSS vulnerability in Jenkins Timestamper Plugin
Timestamper Plugin 1.11.1 and earlier does not escape or sanitize the HTML formatting used to display the timestamps in console output for builds. This results in a stored cross-site scripting vulnerability that can be exploited by users with Overall/Administer permission. Timestamper Plugin 1.11...
GHSA-6XXF-RWV4-MRJM Stored XSS vulnerability in Jenkins Timestamper Plugin
Timestamper Plugin 1.11.1 and earlier does not escape or sanitize the HTML formatting used to display the timestamps in console output for builds. This results in a stored cross-site scripting vulnerability that can be exploited by users with Overall/Administer permission. Timestamper Plugin 1.11...
CloudBees Jenkins Timestamper plugin cross-site scripting vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools developed by the United States company CloudBees. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks. Timestamper Plugin is used in one of the...
CVE-2020-2137
Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML formatting of its output, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...
CVE-2020-2137
Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML formatting of its output, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...
Cross site scripting
Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML formatting of its output, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...
CVE-2020-2137
Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML formatting of its output, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...
CVE-2020-2137
Summary (CVE-2020-2137): The Jenkins Timestamper Plugin (versions ≤ 1.11.1) is affected by a stored XSS due to lack of HTML sanitization in its output. This vulnerability can be exploited by users with Overall/Administer permission to inject HTML into build timestamps. The issue is mitigated by ...
PT-2020-15346 · Jenkins · Jenkins Timestamper Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Timestamper Plugin versions 1.11.1 and earlier Description: The issue results in a stored cross-site scripting vulnerability due to the lack of sanitization of HTML formatting in the output. This can be exploited by attackers with...