Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2022/05/24 10:0 p.m.5 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1574 more potentially affected by CVE-2019-10406 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.17)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2019-10406 Source advisory: OSV:GHSA-HW55-F8WC-82M6...

4.8CVSS5.8AI score0.00992EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/10/22 9:51 p.m.30 views

CVE-2019-10406

Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not restrict or filter values set as Jenkins URL in the global configuration, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...

4.8CVSS3.3AI score0.00992EPSS
Exploits0References3
NVD
NVD
added 2019/09/25 4:15 p.m.29 views

CVE-2019-10406

Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not restrict or filter values set as Jenkins URL in the global configuration, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...

4.8CVSS4.9AI score0.00992EPSS
Exploits0References2
CVE
CVE
added 2019/09/25 3:5 p.m.145 views

CVE-2019-10406

CVE-2019-10406 affects Jenkins 2.196 and earlier, including LTS 2.176.3 and earlier. The root cause is that the global configuration did not restrict or filter values set in the Jenkins URL field, allowing a stored XSS vulnerability. Exploitation requires Overall/Administer permission and can be ...

4.8CVSS4.7AI score0.00992EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/09/25 3:5 p.m.31 views

CVE-2019-10406

Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not restrict or filter values set as Jenkins URL in the global configuration, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission...

4.9AI score0.00992EPSS
Exploits0References2
Rows per page
Query Builder