2 matches found
CVE-2022-29947
Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping...
CVE-2022-29947
CVE-2022-29947 affects Woodpecker (Woodpecker CI) prior to version 0.15.1. Root cause: missing escaping in web/src/components/repo/build/BuildLog.vue enables cross-site scripting via build logs. Impact: XSS in the client when rendering build logs. Mitigation: upgrade to Woodpecker v0.15.1 (as doc...