CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2025/05/22 10:41 p.m.•6 views

CVE-2022-28140

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.1CVSS6.7AI score0.00164EPSS

Exploits0References1

OSV•added 2023/08/16 3:30 p.m.•18 views

GHSA-HV48-HGP6-XPQF Jenkins Flaky Test Handler Plugin stored cross-site scripting vulnerability

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents. Flaky Test Handler Plugin 1.2.3 escapes...

8CVSS5.4AI score0.05763EPSS

Exploits0References3

OSV•added 2023/08/16 3:15 p.m.•20 views

CVE-2023-40342

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents...

5.4CVSS5.6AI score

Exploits0References2

Prion•added 2023/08/16 3:15 p.m.•18 views

Cross site scripting

4.9CVSS5.2AI score0.05763EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/08/16 2:32 p.m.•18 views

CVE-2023-40342

5.7AI score0.05763EPSS

Exploits0References2

NVD•added 2022/03/29 1:15 p.m.•11 views

CVE-2022-28140

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.1CVSS0.00164EPSS

Exploits0References2

CVE•added 2022/03/29 12:30 p.m.•111 views

CVE-2022-28140

CVE-2022-28140 affects Jenkins Flaky Test Handler Plugin, version 1.2.1 and earlier. The root cause is that the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks. Per CNVD/GHSA, this XXE issue can enable an attacker to extract secrets from the Jenkins controller (...

8.1CVSS7.9AI score0.00164EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/03/29 12:30 p.m.•18 views

CVE-2022-28140

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.3AI score0.00164EPSS

Exploits0References2

NVD•added 2020/08/12 2:15 p.m.•13 views

CVE-2020-2237

A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...

4.3CVSS4.6AI score0.00475EPSS

Exploits0References2

OSV•added 2020/08/12 2:15 p.m.•11 views

CVE-2020-2237

A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...

4.3CVSS6.7AI score

Exploits0References2

Prion•added 2020/08/12 2:15 p.m.•15 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...

4.3CVSS4.6AI score0.00475EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/08/12 1:25 p.m.•14 views

CVE-2020-2237

A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...

4.5AI score0.00475EPSS

Exploits0References2

CVE•added 2020/08/12 1:25 p.m.•64 views

CVE-2020-2237

The CVE-2020-2237 entry pertains to a CSRF vulnerability in Jenkins Flaky Test Handler Plugin (versions 1.0.4 and earlier). The flaw allows an attacker to trigger a rebuild of a project at a previous git revision via the plugin's Deflake this build feature due to insufficient request validation. ...

4.3CVSS4.5AI score0.00475EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by