26 matches found
EUVD-2022-1343
Malicious code in bioql PyPI...
CVE-2022-27197
Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure views...
CVE-2021-21649
Jenkins Dashboard View Plugin 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Configure permission...
Jenkins Dashboard View Plugin Cross-Site Scripting (CVE-2021-21649)
A stored cross-site scripting vulnerability exists in Jenkins Dashboard View Plugin. This vulnerability is due to insufficient validation of user-controlled information...
GHSA-FV4Q-4H24-23QR Jenkins Dashboard View Plugin vulnerable to Cross-site Scripting
Dashboard View Plugin did not escape the build description on the Latest Builds View. This resulted in a cross-site scripting vulnerability exploitable by attackers able to control the description of builds shown on that view. Dashboard View Plugin now applies the configured markup formatter to t...
Jenkins Dashboard View Plugin vulnerable to Cross-site Scripting
Dashboard View Plugin did not escape the build description on the Latest Builds View. This resulted in a cross-site scripting vulnerability exploitable by attackers able to control the description of builds shown on that view. Dashboard View Plugin now applies the configured markup formatter to t...
GHSA-6FG4-36V7-XV32 Stored Cross-site Scripting vulnerability in Jenkins Dashboard View Plugin
Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure views. Dashboard View Plugin 2.18.1 performs URL validation for the...
Stored Cross-site Scripting vulnerability in Jenkins Dashboard View Plugin
Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure views. Dashboard View Plugin 2.18.1 performs URL validation for the...
CVE-2022-27197
Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure views...
CVE-2022-27197
Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure views...
CVE-2022-27197
CVE-2022-27197 affects Jenkins Dashboard View Plugin 2.18 and earlier. A stored XSS vulnerability arises because the Iframe Portlet’s Iframe source URL is not validated, enabling attackers who can configure views to inject script. Multiple external sources corroborate the issue and, in some cases...
CVE-2022-27197
Jenkins Dashboard View Plugin 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure views...
PT-2022-18283 · Jenkins · Jenkins Dashboard View Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Dashboard View Plugin versions 2.18 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the Jenkins Dashboard View Plugin does not perform URL validation for the Iframe...
Jenkins Dashboard View Plugin 跨站脚本漏洞
Jenkins and Jenkins Plugin are both products of Jenkins, an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Dashboard View Plugin version 2.18 and earlier is vulnerable to a cross-site scripting...
Cross-site Scripting in Jenkins Dashboard View Plugin
Jenkins Dashboard View Plugin prior to 2.16 and 2.12.1 does not escape URLs referenced in Image Dashboard Portlets, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Configure permission. As part of this fix, the property for image URLs was changed fr...
CloudBees Jenkins Dashboard View Plugin Cross-Site Scripting Vulnerability (CNVD-2021-36583)
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...
CVE-2021-21649
CVE-2021-21649 affects Jenkins Dashboard View Plugin (versions 2.15 and earlier). The vulnerability arises from not escaping URLs in Image Dashboard Portlets, allowing stored XSS via adversaries with View/Configure permission. The in-document details specify a stored XSS impact with user-controll...
PT-2021-14692 · Jenkins · Jenkins Dashboard View Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Dashboard View Plugin versions 2.15 and earlier Jenkins Dashboard View Plugin versions prior to 2.16 Jenkins Dashboard View Plugin version 2.12.1 and earlier Description: The issue is related to a stored cross-site scripting XSS...
Jenkins 跨站脚本漏洞
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...
CloudBees Jenkins Dashboard View Plugin Cross-Site Scripting Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Dashboard View Plugin is used in which a...