3 matches found
PT-2023-5741 · Jenkins · Jenkins Nodejs Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins NodeJS Plugin versions 1.6.0 and earlier Description: The issue is related to the improper masking of credentials in the Npm config file in Pipeline build logs. This could allow a remote attacker to gain unauthorized access to protect...
PT-2022-20036 · WordPress · Bitcoin / Altcoin Faucet Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Bitcoin / Altcoin Faucet WordPress plugin versions prior to 1.6.1 Description: The issue concerns a lack of CSRF check when saving settings, allowing an attacker to make a logged-in admin change them via a CSRF attack. Additionally, due to th...
PT-2018-16182 · Nextcloud · Nextcloud Calendar
Name of the Vulnerable Software and Affected Versions: Nextcloud Calendar versions prior to 1.5.8 Nextcloud Calendar versions prior to 1.6.1 Description: A stored XSS issue exists due to missing sanitization of search results for an autocomplete field, requiring user-interaction. This issue is...