82 matches found
EUVD-2022-1581
Malicious code in bioql PyPI...
EUVD-2022-1418
Malicious code in bioql PyPI...
EUVD-2022-1404
Malicious code in bioql PyPI...
CVE-2022-36902
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-27202
Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier does not escape the value and description of extended choice parameters of radio buttons or check boxes type, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter (>=1.0.0 <=1.0.1) potentially affected by CVE-2023-28668 via org.jenkins-ci.plugins:role-strategy (=2.1.0)
org.jenkins-ci.plugins:role-strategy MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:role-strategy and may be impacted: - com.moded.extendedchoiceparameter:dynamicextendedchoiceparameter =1.0.0, =1.0.1 Source...
The vulnerability of the Jenkins Dynamic Extended Choice Parameter Plugin exists due to the lack of measures taken to protect the structure of web pages. This allows attackers to carry out XSS attacks.
The vulnerability of the Jenkins Dynamic Extended Choice Parameter Plugin exists due to the lack of security measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...
Stored XSS vulnerability in Jenkins Dynamic Extended Choice Parameter plugin
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
GHSA-JVVX-HMMR-RHGG Stored XSS vulnerability in Jenkins Dynamic Extended Choice Parameter plugin
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-36902
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-36902
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Cross site scripting
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-36902
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-36902
Jenkins Dynamic Extended Choice Parameter Plugin versions 1.0.1 and earlier are affected by a stored XSS vulnerability in Moded Extended Choice parameters because several fields are not escaped. This can be exploited by attackers with Item/Configure permissions. Affected products: Jenkins Dynamic...
PT-2022-4040 · Jenkins · Jenkins Dynamic Extended Choice Parameter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Dynamic Extended Choice Parameter Plugin versions 1.0.1 and earlier Description: The issue exists due to inadequate protection of the web page structure, allowing a remote attacker to conduct a cross-site scripting XSS attack. This...
GHSA-7558-6Q45-6X7M Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-34186
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-34186
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-34186
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape the name and description of Moded Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...