4 matches found

Positive Technologies
added 2026/02/10 12:0 a.m. · 13 views

PT-2026-7326

Zed is a multiplayer code editor. Prior to 0.219.4, Zed does not show with which parameters a tool is being invoked, when asking for allowance. Further it does not show after the tool was being invoked, which parameters were used. Thus, maybe unwanted or even malicious values could be used withou...

6.4 CVSS · 5.6 AI score · 0.00239 EPSS
Exploits: 1 · References: 4
BDU FSTEC
added 2024/04/15 12:0 a.m. · 5 views

The vulnerability of the Jenkins automation server arises from improper handling of input during the creation of web pages. This allows attackers to carry out attacks using XSS techniques, with the ability to manipulate files in the working areas.

The vulnerability of the Jenkins automation server relates to the absence of a protection mechanism for the value of the “caption” parameter in the ExpandableDetailsNote configuration. Exploiting this vulnerability allows an attacker to carry out attacks using XSS techniques, with the ability to...

5.5 CVSS · 6.5 AI score · 0.00883 EPSS
Exploits: 0 · References: 3 · Affected Software: 2
OSV
added 2023/09/20 6:30 p.m. · 3 views

GHSA-5J46-5HWQ-GWH7 Jenkins Cross-site Scripting vulnerability

ExpandableDetailsNote allows annotating build log content with additional information that can be revealed when interacted with. Jenkins 2.423 and earlier, LTS 2.414.1 and earlier does not escape the value of the caption constructor parameter of ExpandableDetailsNote. This results in a stored...

8 CVSS · 5.8 AI score · 0.00883 EPSS
Exploits: 0 · References: 3
Positive Technologies
added 2023/09/20 12:0 a.m. · 4 views

PT-2023-8996 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.423 and earlier, LTS versions 2.414.1 and earlier Description: The issue is related to the lack of escaping of the caption constructor parameter value of ExpandableDetailsNote, resulting in a stored cross-site scripting XSS...

8 CVSS · 7.3 AI score · 0.00883 EPSS
Exploits: 0 · References: 16