83 matches found
CVE-2026-0685
CVE-2026-0685 affects the Genshi Template Engine (version 0.7.9). The SSTI vulnerability arises in the expression evaluation component due to unsafe use of Python’s eval() and exec() with fallback to Python built-ins, enabling arbitrary code execution if an attacker can influence template express...
EUVD-2005-4300
Malware in sbrugna...
EUVD-2006-2107
Malware in sbrugna...
EUVD-2005-3975
Malware in sbrugna...
EUVD-2005-2009
Malware in sbrugna...
EUVD-2005-0001
Malware in sbrugna...
EUVD-2005-4060
Malware in sbrugna...
EUVD-2006-0005
Malware in sbrugna...
EUVD-2023-2768
Malicious code in bioql PyPI...
CVE-2005-2007
Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the id parameter to the (1) upload or (2) attachment scripts...
GHSA-JWX3-2HQ3-682C Jenkins Edgewall Trac Plugin vulnerable to Stored XSS
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix...
Jenkins Edgewall Trac Plugin vulnerable to Stored XSS
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix...
Cross site scripting
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
CVE-2023-46659
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
CVE-2023-46659
CVE-2023-46659 concerns Jenkins Builder: Edgewall Trac Plugin versions 1.13 and earlier. The vulnerability is a stored cross-site scripting (XSS) issue caused by the plugin not escaping the Trac website URL on the build page. Exploitation requires Item/Configure permission, enabling an attacker t...
Jenkins Plugin Edgewall Trac Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
PT-2023-30145 · Jenkins · Jenkins Edgewall Trac Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Edgewall Trac Plugin versions 1.13 and earlier. Description: The issue results in a stored cross-site scripting (XSS) vulnerability because the Trac website URL on the build page is not escaped. This vulnerability is exploitable by...
GHSA-2Q26-R8C4-JFX5 Edgewall Trac Cross-site request forgery (CSRF) vulnerability
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors...
Edgewall Trac Cross-site request forgery (CSRF) vulnerability
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors...