17 matches found
CVE-2021-21630
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
Stored XSS vulnerability in Jenkins Extra Columns Plugin
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Additionally, a view containing such a job needs to be configured...
GHSA-WX66-PM7R-2Q82 Stored XSS vulnerability in Jenkins Extra Columns Plugin
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Additionally, a view containing such a job needs to be configured...
GHSA-MR4J-7JJV-24M7 Jenkins Extra Columns Plugin allows Cross-Site Scripting (XSS)
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
Jenkins Extra Columns Plugin allows Cross-Site Scripting (XSS)
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
CloudBees Jenkins Extra Columns Plugin Cross-Site Scripting Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...
CVE-2021-21630
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21630
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
Cross site scripting
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21630
CVE-2021-21630 concerns the Jenkins Extra Columns Plugin. Versions up to and including 1.22 do not escape parameter values in the build parameters column, causing a stored XSS vulnerability exploitable by attackers with Job/Configure permission. Jenkins Plugin 1.23 and later fix the issue by esca...
CVE-2021-21630
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2016-3101
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
Cross site scripting
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
CVE-2016-3101
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
CVE-2016-3101
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
CVE-2016-3101
The CVE-2016-3101 entry relates to the Jenkins Extra Columns plugin, affected versions before 1.17. The vulnerability is a Cross-Site Scripting (XSS) flaw enabled by failure to filter tool tips through the configured markup formatter, allowing remote attackers to inject arbitrary web script or HT...
CVE-2016-3101
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...