6 matches found
Stored XSS vulnerability in chosen-views-tabbar Plugin
Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to configure views...
CloudBees Jenkins chosen-views-tabbar Plugin Cross-Site Scripting Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...
Cross site scripting
Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to configure views...
CVE-2020-2269
Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to configure views...
CVE-2020-2269
CVE-2020-2269 affects Jenkins chosen-views-tabbar Plugin (versions 1.2 and earlier). The vulnerability is a stored XSS caused by lack of escaping view names in the dropdown used to select views, enabling an attacker who can configure views to inject script. Public advisories (GHSA, NVD, OSV, CNVD...
PT-2020-15494 · Jenkins · Jenkins Chosen-Views-Tabbar Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins chosen-views-tabbar Plugin versions 1.2 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because view names in the dropdown to select views are not properly escaped. Attackers...