EUVD-2022-1542

Malicious code in bioql PyPI...

CVE-2022-28140

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

GHSA-HV48-HGP6-XPQF Jenkins Flaky Test Handler Plugin stored cross-site scripting vulnerability

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents. Flaky Test Handler Plugin 1.2.3 escapes...

Jenkins Flaky Test Handler Plugin stored cross-site scripting vulnerability

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents. Flaky Test Handler Plugin 1.2.3 escapes...

CVE-2023-40342

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents...

CVE-2023-40342

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents...

Cross site scripting

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents...

CVE-2023-40342

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents...

CVE-2023-40342

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents...

CVE-2023-40342

CVE-2023-40342 affects the Jenkins Flaky Test Handler Plugin (versions 1.2.2 and earlier). The vulnerability arises because the plugin does not escape JUnit test contents when displaying results in the Jenkins UI, leading to a stored cross-site scripting (XSS) flaw that can be triggered by an att...

Jenkins Plugin Flaky Test Handler 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site scripting...

CSRF vulnerability in Jenkins Flaky Test Handler Plugin

Flaky Test Handler Plugin 1.0.4 and earlier does not require POST requests for the "Deflake this build" feature, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild a project at a previous git revision where the tests were failing...

GHSA-VJF8-XW6C-WJHQ CSRF vulnerability in Jenkins Flaky Test Handler Plugin

Flaky Test Handler Plugin 1.0.4 and earlier does not require POST requests for the "Deflake this build" feature, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild a project at a previous git revision where the tests were failing...

Jenkins Flaky Test Handler Plugin XML External Entity Injection Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application. jenkins Flaky Test Handler Plugin 1.2.1...

GHSA-V4RR-65X6-G69F XXE vulnerability in Jenkins Flaky Test Handler Plugin

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

XXE vulnerability in Jenkins Flaky Test Handler Plugin

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-28140

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-28140

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

Xxe

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-28140

CVE-2022-28140 affects Jenkins Flaky Test Handler Plugin, version 1.2.1 and earlier. The root cause is that the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks. Per CNVD/GHSA, this XXE issue can enable an attacker to extract secrets from the Jenkins controller (...