Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 5:28 p.m.16 views

Stored XSS vulnerability in chosen-views-tabbar Plugin

Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to configure views...

5.4CVSS4.9AI score0.00735EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2020/09/17 12:0 a.m.5 views

CloudBees Jenkins chosen-views-tabbar Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...

5.4CVSS6.5AI score0.00735EPSS
Exploits0References1
Prion
Prion
added 2020/09/16 2:15 p.m.15 views

Cross site scripting

Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to configure views...

3.5CVSS5.2AI score0.00735EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/16 1:20 p.m.17 views

CVE-2020-2269

Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to configure views...

5.2AI score0.00735EPSS
Exploits0References2
CVE
CVE
added 2020/09/16 1:20 p.m.60 views

CVE-2020-2269

CVE-2020-2269 affects Jenkins chosen-views-tabbar Plugin (versions 1.2 and earlier). The vulnerability is a stored XSS caused by lack of escaping view names in the dropdown used to select views, enabling an attacker who can configure views to inject script. Public advisories (GHSA, NVD, OSV, CNVD...

5.4CVSS5.2AI score0.00735EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/09/16 12:0 a.m.6 views

PT-2020-15494 · Jenkins · Jenkins Chosen-Views-Tabbar Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins chosen-views-tabbar Plugin versions 1.2 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because view names in the dropdown to select views are not properly escaped. Attackers...

5.4CVSS5.1AI score0.00735EPSS
Exploits0References6
Rows per page
Query Builder