19 matches found
CVE-2021-21630
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
GHSA-WX66-PM7R-2Q82 Stored XSS vulnerability in Jenkins Extra Columns Plugin
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Additionally, a view containing such a job needs to be configured...
Stored XSS vulnerability in Jenkins Extra Columns Plugin
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Additionally, a view containing such a job needs to be configured...
GHSA-MR4J-7JJV-24M7 Jenkins Extra Columns Plugin allows Cross-Site Scripting (XSS)
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
Jenkins Extra Columns Plugin allows Cross-Site Scripting (XSS)
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
CloudBees Jenkins Extra Columns Plugin Cross-Site Scripting Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...
CVE-2021-21630
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21630
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
Cross site scripting
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21630
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21630
CVE-2021-21630 concerns the Jenkins Extra Columns Plugin. Versions up to and including 1.22 do not escape parameter values in the build parameters column, causing a stored XSS vulnerability exploitable by attackers with Job/Configure permission. Jenkins Plugin 1.23 and later fix the issue by esca...
Jenkins Extra Columns 跨站脚本漏洞
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...
PT-2021-14673 · Jenkins · Jenkins Extra Columns Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Extra Columns Plugin versions 1.22 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability due to the plugin not escaping parameter values in the build parameters column. This vulnerability is...
CVE-2016-3101
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
Cross site scripting
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
CVE-2016-3101
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
CVE-2016-3101
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
CVE-2016-3101
Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...
CVE-2016-3101
The CVE-2016-3101 entry relates to the Jenkins Extra Columns plugin, affected versions before 1.17. The vulnerability is a Cross-Site Scripting (XSS) flaw enabled by failure to filter tool tips through the configured markup formatter, allowing remote attackers to inject arbitrary web script or HT...