83 matches found
CVE-2016-3727
The API URL computer/master/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in test-plugin.php in the Swipe Checkout for Jigoshop swipe-hq-checkout-for-jigoshop plugin 3.1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the apiurl parameter...
CVE-2014-4557
Cross-site scripting XSS vulnerability in test-plugin.php in the Swipe Checkout for Jigoshop swipe-hq-checkout-for-jigoshop plugin 3.1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the apiurl parameter...