CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Github Security Blog•added 2022/05/13 1:1 a.m.•25 views

Improper Neutralization of Input During Web Page Generation in Jenkins

A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in BuildTimelineWidget.java, BuildTimelineWidget/control.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user's browser when that other us...

5.4CVSS4.8AI score0.00158EPSS

Exploits0References5Affected Software1

OSV•added 2022/05/13 1:1 a.m.•0 views

GHSA-PGXV-H967-FW2Q Improper Neutralization of Input During Web Page Generation in Jenkins

5.4CVSS7.1AI score0.00158EPSS

Exploits0References5

RedhatCVE•added 2018/07/30 3:49 a.m.•26 views

CVE-2018-1999005

6.4CVSS4.6AI score0.00158EPSS

Exploits0References2

OSV•added 2018/07/23 7:29 p.m.•15 views

CVE-2018-1999005

5.4CVSS5.7AI score

Exploits0References2

Prion•added 2018/07/23 7:29 p.m.•20 views

Cross site scripting

3.5CVSS6.3AI score0.00158EPSS

Exploits0References2Affected Software2

CVE•added 2018/07/23 7:0 p.m.•103 views

CVE-2018-1999005

CVE-2018-1999005 is a cross-site scripting vulnerability in Jenkins versions before 2.133 (and 2.121.1 and earlier) affecting BuildTimelineWidget.java and BuildTimelineWidget/control.jelly. Attackers with Job/Configure permission could inject JavaScript executed in another user’s browser during U...

5.4CVSS6.1AI score0.00158EPSS

Exploits0References2Affected Software1

Cvelist•added 2018/07/23 7:0 p.m.•17 views

CVE-2018-1999005

6.3AI score0.00158EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by