7 matches found
CVE-2020-2096
creationtimestamp| type| source ---|---|--- 2025-07-08 21:02:35+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lti75ivdhw2k...
Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting
Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References: https://jenkins.io/security/advisory/2020-01-15/ CVE: CVE-2020-2096 PoC:...
Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting
Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References:...
Jenkins Gitlab Hook 1.4.2 Cross Site Scripting
Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References: https://jenkins.io/security/advisory/2020-01-15/ CVE: CVE-2020-2096 PoC:...
Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Vulnerability
Exploit for java platform in category web applications Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References:...
CVE-2020-2096
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the buildnow endpoint, resulting in a reflected XSS vulnerability...
CVE-2020-2096
CVE-2020-2096 affects Jenkins Gitlab Hook Plugin ≤ 1.4.2. The build_now endpoint fails to escape project names, causing a reflected XSS vulnerability. Impact: attacker can run arbitrary JavaScript in the victim’s browser. PoC exists (e.g., build_now%3Csvg/onload=alert(document.domain)%3E). Remedi...