Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2023/07/04 5:17 a.m.13 views

CVE-2023-35146

A flaw was found in the Jenkins Template Workflows Plugin, where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. This flaw allows a remote, authenticated attacker to inject malicious script into a Web page, which would be executed in a victim's W...

8CVSS6.4AI score0.00752EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/16 12:0 a.m.49 views

Jenkins plugins Multiple Vulnerabilities (2023-06-14)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default. CVE-2023-3514...

8.1CVSS6.2AI score0.0083EPSS
Exploits0References11
NVD
NVD
added 2023/06/14 1:15 p.m.20 views

CVE-2023-35146

Jenkins Template Workflows Plugin 41.v32d86a313b4a and earlier does not escape names of jobs used as buildings blocks for Template Workflow Job, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to create jobs...

5.4CVSS5.2AI score0.00752EPSS
Exploits0References2
OSV
OSV
added 2023/06/14 1:15 p.m.5 views

CVE-2023-35146

Jenkins Template Workflows Plugin 41.v32d86a313b4a and earlier does not escape names of jobs used as buildings blocks for Template Workflow Job, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to create jobs...

5.4CVSS5.7AI score0.00752EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/14 12:53 p.m.17 views

CVE-2023-35146

Jenkins Template Workflows Plugin 41.v32d86a313b4a and earlier does not escape names of jobs used as buildings blocks for Template Workflow Job, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to create jobs...

5.3AI score0.00752EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/14 12:53 p.m.32 views

CVE-2023-35146

Jenkins Template Workflows Plugin 41.v32d86a313b4a and earlier does not escape names of jobs used as buildings blocks for Template Workflow Job, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to create jobs...

5.7AI score0.00752EPSS
Exploits0References2
CVE
CVE
added 2023/06/14 12:53 p.m.59 views

CVE-2023-35146

CVE-2023-35146 affects the Jenkins Template Workflows Plugin versions 41.v32d86a_313b_4a and earlier. The root cause is that the plugin does not escape names of jobs used as building blocks for Template Workflow Jobs, leading to stored cross-site scripting (XSS) exploitable by attackers who can c...

5.4CVSS5.2AI score0.00752EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder