4 matches found
CVE-2014-3678
Cross-site scripting XSS vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-3678
CVE-2014-3678 is a Cross-site Scripting (XSS) vulnerability in the Jenkins Monitoring plugin, affecting versions before 1.53.0. The root cause is a faulty input validation in the Monitoring plugin that allows an attacker to inject arbitrary web script or HTML, via unspecified vectors, potentially...
jenkins: multiple issues
SECURITY-87/CVE-2014-3661 anonymous DoS attack through CLI handshake This vulnerability allows unauthenticated users with access to Jenkins' HTTP/HTTPS port to mount a DoS attack on Jenkins through thread exhaustion. - SECURITY-110/CVE-2014-3662 User name discovery Anonymous users can test if the...
FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978)
Jenkins Security Advisory : Please reference CVE/URL list for details %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2019 Jacques Vidrine and contributors Redistribution an...