CVE-2022-41227

A cross-site request forgery CSRF vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials...

CVE-2025-2875

CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller’s webserver URL to access resources...

CVE-2022-30946

A cross-site request forgery CSRF vulnerability in Jenkins Script Security Plugin 1158.v7c1b73a69a08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver...

EditTag 1.2 edittag.pl file Variable Arbitrary File Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/21890/info EditTag is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote attacker to access any file...

EditTag 1.2 edittag.cgi file Variable Arbitrary File Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/21890/info EditTag is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote attacker to access any file...