Lucene search
+L

5 matches found

vulnersOsv
vulnersOsv
added 2022/05/13 1:1 a.m.5 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1574 more potentially affected by CVE-2019-1003050 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.16)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2019-1003050 Source advisory: OSV:GHSA-QPG9-83FV-X9CH...

5.4CVSS6.7AI score0.01346EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/04/09 10:33 a.m.23 views

CVE-2019-1003050

The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting XSS vulnerability exploitable by users with the ability to control job names...

5.4CVSS1.9AI score0.01346EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2019/04/17 12:0 a.m.74 views

Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...

8.1CVSS6.8AI score0.02111EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/04/17 12:0 a.m.86 views

Jenkins < 2.164.2 LTS and < 2.172 Multiple Vulnerabilities - Linux

Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...

8.1CVSS6.8AI score0.02111EPSS
Exploits0References1
CVE
CVE
added 2019/04/10 8:12 p.m.150 views

CVE-2019-1003050

CVE-2019-1003050 affects Jenkins core UI: the f:validateButton form control did not properly escape job URLs, enabling a cross-site scripting (XSS) vulnerability. Vulnerable in Jenkins versions 2.171 and earlier and Jenkins LTS 2.164.1 and earlier; exploit requires a user with the ability to cont...

5.4CVSS5.2AI score0.01346EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder