50 matches found
GHSA-J7Q2-C6R4-X2JW Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Git Parameter Plugin 0.9.13 escapes the repository field o...
GHSA-FGXC-MXVW-55MV Jenkins Git Parameter Plugin vulnerable to stored cross-site scripting (XSS)
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission...
GHSA-FCR6-6CPH-VMCM Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Jenkins Git Parameter Plugin Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exis...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29040
CVE-2022-29040 affects the Jenkins Git Parameter Plugin (version 0.9.15 and earlier). The issue is a stored XSS vulnerability caused by the plugin not escaping the name and description of Git parameters on parameter display views, enabling exploitation by attackers with Item/Configure permission....
Jenkins Git Parameter Plugin跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exis...
PT-2022-19380 · Jenkins · Jenkins Git Parameter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Git Parameter Plugin versions 0.9.15 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the name and description of Git parameters on views displaying parameters are not...
cocoapods-downloader 参数注入漏洞
cocoapods-downloader is a small library. It is used to download files from remotes in folders. A security vulnerability exists in cocoapods-downloader, which stems from git parameter injection. The following products and versions are affected: versions prior to 1.6.0, versions prior to 1.6.2, and...
CloudBees Jenkins Git XSS Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks.LTS is a long-term support for CloudBees...
CVE-2020-2238
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2238
The CVE-2020-2238 issue affects the Jenkins Git Parameter Plugin, where versions up to 0.9.12 do not escape the repository field on the Build with Parameters page, enabling a stored XSS vulnerability exploitable by attackers with Job/Configure permissions. Connected sources confirm the root cause...
CVE-2020-2238
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
PT-2020-15458 · Jenkins · Jenkins Git Parameter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Git Parameter Plugin versions 0.9.12 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. This occurs because the repository field on the 'Build with Parameters' page is not properly escape...
CloudBees Jenkins Git Parameter plugin cross-site scripting vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A cross-site scripting vulnerability exists in the Git Parameter plugin 0.9.11 and earlier versions in CloudBees Jenkins. The vulnerability stems from the failure...
CloudBees Jenkins Git Parameter plugin cross-site scripting vulnerability (CNVD-2020-11651)
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A cross-site scripting vulnerability exists in the Git Parameter plugin 0.9.11 and earlier versions in CloudBees Jenkins. The vulnerability stems from the failure...
CVE-2020-2112
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission...