22 matches found
Cross-site Scripting (XSS)
Overview org.jenkins-ci.plugins:buildgraph-view is a plugin that computes a graph of related builds starting from the current one, and render it as a graph. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to not escaping the build URL.This results in a stored...
CVE-2026-48927
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or views...
CVE-2026-48927
CVE-2026-48927 affects the Jenkins plugin buildgraph-view up to version 1.8. The issue is that the plugin does not escape the build URL, leading to a stored cross-site scripting (XSS) vulnerability when a user with permission can configure jobs or views. According to the sources, this vulnerabili...
CVE-2026-48927
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or views...
EUVD-2026-32518
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or views...
CVE-2026-48927
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or views...
PT-2026-44020
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or views...
Jenkins buildgraph-view Plugin 安全漏洞
The Jenkins buildgraph-view Plugin is an open-source plugin for visualizing Jenkins build processes. The Jenkins buildgraph-view Plugin versions 1.8 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of escaping of build URLs, which may lead to storage-side...
org.jenkins-ci.plugins:buildgraph-view (>=1.3.1 <=1.8) potentially affected by CVE-2021-21641 via org.jenkins-ci.plugins:promoted-builds (=2.17)
org.jenkins-ci.plugins:promoted-builds MAVEN version =2.17 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:promoted-builds and may be impacted: - org.jenkins-ci.plugins:buildgraph-view =1.3.1, =1.8 Source cves: CVE-2021-21641...
GHSA-4J4G-FP93-QVRW Jenkins buildgraph-view Plugin vulnerable to stored Cross-site Scripting
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored cross-site scripting vulnerability exploitable by users able to change build descriptions...
com.cloudbees.plugins:build-flow-plugin (>=0.10 <=0.11.1), org.jenkins-ci.plugins:build-flow-extensions-plugin (=0.1.1) potentially affected by CVE-2019-16562 via org.jenkins-ci.plugins:buildgraph-view (=1.0)
org.jenkins-ci.plugins:buildgraph-view MAVEN version =1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:buildgraph-view and may be impacted: - com.cloudbees.plugins:build-flow-plugin =0.10, =0.11.1 -...
Jenkins buildgraph-view Plugin vulnerable to stored Cross-site Scripting
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored cross-site scripting vulnerability exploitable by users able to change build descriptions...
org.jenkins-ci.plugins:buildgraph-view (>=1.3.1 <=1.8) potentially affected by CVE-2018-1000114 via org.jenkins-ci.plugins:promoted-builds (=2.17)
org.jenkins-ci.plugins:promoted-builds MAVEN version =2.17 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:promoted-builds and may be impacted: - org.jenkins-ci.plugins:buildgraph-view =1.3.1, =1.8 Source cves: CVE-2018-1000114...
org.jenkins-ci.plugins:buildgraph-view (>=1.3.1 <=1.8) potentially affected by CVE-2022-29049 via org.jenkins-ci.plugins:promoted-builds (=2.17)
org.jenkins-ci.plugins:promoted-builds MAVEN version =2.17 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:promoted-builds and may be impacted: - org.jenkins-ci.plugins:buildgraph-view =1.3.1, =1.8 Source cves: CVE-2022-29049...
org.jenkins-ci.plugins:buildgraph-view (>=1.3.1 <=1.8) potentially affected by CVE-2022-29045 via org.jenkins-ci.plugins:promoted-builds (=2.17)
org.jenkins-ci.plugins:promoted-builds MAVEN version =2.17 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:promoted-builds and may be impacted: - org.jenkins-ci.plugins:buildgraph-view =1.3.1, =1.8 Source cves: CVE-2022-29045...
CloudBees Jenkins buildgraph-view Plugin Cross-Site Scripting Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A cross-site scripting vulnerability exists in CloudBees Jenkins buildgraph-view Plugin 1.8 and earlier versions. The vulnerability stems from a WEB application t...
CVE-2019-16562
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions...
CVE-2019-16562
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions...
Cross site scripting
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions...
CVE-2019-16562
Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descriptions...