EUVD-2022-6406

Malicious code in bioql PyPI...

CVE-2022-34785

Jenkins build-metrics Plugin 1.3 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about jobs otherwise inaccessible to them...

CVE-2022-34784

Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Build/Update permission...

Cross site scripting in Jenkins build-metrics Plugin

Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Build/Update permission...

CVE-2022-34784

Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Build/Update permission...

Design/Logic Flaw

Jenkins build-metrics Plugin 1.3 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about jobs otherwise inaccessible to them...

CVE-2022-34785

CVE-2022-34785 affects the Jenkins build-metrics Plugin (version 1.3 and earlier). The issue is that the plugin does not perform permission checks on multiple HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about jobs they would normally not have access to. P...

CVE-2022-34784

CVE-2022-34784 refers to Jenkins build-metrics Plugin 1.3, where the build description is not escaped on a view, causing a stored XSS vulnerability. The issue is exploitable by attackers with Build/Update permission. Multiple connected sources (NVD, Red Hat CVE, OSV, CNVD, GHSA, etc.) consistentl...

Jenkins Plugin build-metrics 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins build-metrics Plugin version 1.3 and earlier versions are vulnerable t...

Jenkins Plugin build-metrics 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plug-ins to support building, deploying, and automating any project. Jenkins build-metrics Plugin version 1.3 contains a cross-site scripting...

PT-2022-22336 · Jenkins · Jenkins Build-Metrics Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins build-metrics Plugin versions 1.3 and earlier Description: The issue concerns the Jenkins build-metrics Plugin, which does not perform permission checks in multiple HTTP endpoints. This allows attackers with Overall/Read permission to...

PT-2022-22335 · Jenkins · Jenkins Build-Metrics Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins build-metrics Plugin version 1.3 Description: The issue is a stored cross-site scripting XSS vulnerability. It occurs because the build description on one of the views is not properly escaped, allowing attackers with Build/Update...

Jenkins build-metrics plugin 1.3 - label Cross-Site Scripting

Jenkins build-metrics plugin 1.3 - label Cross-Site Scripting Exploit Title: Jenkins build-metrics plugin 1.3 - 'label' Cross-Site Scripting Date: 2019-11-06 Exploit Author: vesche Austin Jackson Vendor Homepage: https://plugins.jenkins.io/build-metrics Version: Jenkins build-metrics plugin 1.3 a...

Jenkins build-metrics plugin 1.3 - 'label' Cross-Site Scripting

Exploit Title: Jenkins build-metrics plugin 1.3 - 'label' Cross-Site Scripting Date: 2019-11-06 Exploit Author: vesche Austin Jackson Vendor Homepage: https://plugins.jenkins.io/build-metrics Version: Jenkins build-metrics plugin 1.3 and below Tested on: Debian 10 Buster, Jenkins 2.203 latest...

CloudBees Jenkins build-metrics Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . build-metrics Plugin is used in which a...

CVE-2019-10475

A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin...

CVE-2019-10475

A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin...

Cross site scripting

A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin...

CVE-2019-10475

A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin...

CVE-2019-10475

CVE-2019-10475 affects Jenkins’ build-metrics plugin (1.3 and earlier). It is a reflected cross-site scripting vulnerability where the plugin does not properly escape the label query parameter, allowing an attacker to inject arbitrary HTML/JavaScript into the plugin’s web pages. Impact is user’s ...