48 matches found
CVE-2022-25191
Jenkins Agent Server Parameter Plugin 1.0 and earlier does not escape parameter names of agent server parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-25191
CVE-2022-25191 : Jenkins Agent Server Parameter Plugin 1.0 and earlier fails to escape parameter names for agent server parameters, causing a stored XSS vulnerability exploitable by attackers with Item/Configure permission. The issue is mitigated by upgrading to Agent Server Parameter Plugin 1.1,...
Jenkins 插件 跨站脚本漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Agent Server Parameter Plugin 1.0 and earlier versions have a cross-site scripting vulnerability that stems from n...
PT-2022-17131 · Jenkins · Jenkins Agent Server Parameter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Agent Server Parameter Plugin versions 1.0 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the plugin does not escape parameter names of agent server parameters...
Arbitrary File Read Vulnerability in MAS Mobile Proxy Server
Mobile Agent Server MAS is the abbreviation of Mobile Agent Server, is to assist the enterprise original business system to realize the wireless application of the access tool to achieve MAS access to the enterprise original business system can be convenient to realize the wireless application,...
BMC Control-M/Agent Command Injection Vulnerability (CNVD-2020-26845)
Control-M is one of BMC's most important automation control products, and is the world's leading integrated business scheduling solution for cross-platform and cross-application job scheduling. A security vulnerability exists in the communication between BMC Control-M/Agent and Control-M/Server...
CVE-2013-0141
Summary (CVE-2013-0141): A directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) allows a remote attacker to upload arbitrary files via a crafted request over the Agent-Server communication channel, demonstrated by writing to the Software/ directory. It affects ePO versions prior...
Trend Micro OfficeScan directory traversal
Directory traversal in update agent server part...