EUVD-2022-3953

Malicious code in bioql PyPI...

CVE-2022-41239

Jenkins DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting XSS vulnerability...

GHSA-Q9G4-9FX4-V533 Stored XSS vulnerability in Jenkins DotCi Plugin

DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted commit notifications to the...

Stored XSS vulnerability in Jenkins DotCi Plugin

DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted commit notifications to the...

Stored XSS vulnerability in Jenkins Git Plugin

Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted commit notifications to th...

jenkins-2-plugins/git: stored XSS vulnerability

A stored cross-site scripting XSS vulnerability was found in the Jenkins Git plugin. Due to not escaping the Git SHA-1 checksum parameters provided to commit notifications, an attacker is able to submit crafted commit notifications to the /git/notifyCommit endpoint...

Jenkins Git Plugin < 4.8.3 XSS

According to its its self-reported version number, the version of the Jenkins Git Plugin running on the remote web server is prior to 4.8.3. It is, therefore, affected by a cross-site scripting vulnerability due to it not escaping the Git SHA-1 checksum parameters provided to commit notifications...

CVE-2021-21684

A stored cross-site scripting XSS vulnerability was found in the Jenkins Git plugin. Due to not escaping the Git SHA-1 checksum parameters provided to commit notifications, an attacker is able to submit crafted commit notifications to the /git/notifyCommit endpoint...

Jenkins 跨站脚本漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A cross-site scripting vulnerability exists in Jenkins Git Plugin 4.8.2 and earlier versions that stems from not bypassin...