Lucene search
K

4 matches found

Cvelist
Cvelist
added 2014/10/10 2:0 p.m.32 views

CVE-2014-3678

Cross-site scripting XSS vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.6AI score0.0184EPSS
Exploits0References3
CVE
CVE
added 2014/10/10 2:0 p.m.65 views

CVE-2014-3678

CVE-2014-3678 is a Cross-site Scripting (XSS) vulnerability in the Jenkins Monitoring plugin, affecting versions before 1.53.0. The root cause is a faulty input validation in the Monitoring plugin that allows an attacker to inject arbitrary web script or HTML, via unspecified vectors, potentially...

4.3CVSS5.7AI score0.0184EPSS
Exploits0References3Affected Software1
ArchLinux
ArchLinux
added 2014/10/02 12:0 a.m.70 views

jenkins: multiple issues

SECURITY-87/CVE-2014-3661 anonymous DoS attack through CLI handshake This vulnerability allows unauthenticated users with access to Jenkins' HTTP/HTTPS port to mount a DoS attack on Jenkins through thread exhaustion. - SECURITY-110/CVE-2014-3662 User name discovery Anonymous users can test if the...

7.5CVSS2.6AI score0.12768EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2014/10/02 12:0 a.m.77 views

FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978)

Jenkins Security Advisory : Please reference CVE/URL list for details %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2019 Jacques Vidrine and contributors Redistribution an...

7.5CVSS7.6AI score0.12768EPSS
Exploits0References15
Rows per page
Query Builder