Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

168 matches found

Microsoft CVE
Microsoft CVEadded 2020/09/25 7:0 a.m.4 views

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation resulting in a stored cross-site scripting vulnerability.

...

5.4CVSS7AI score0.00127EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2020/09/25 7:0 a.m.3 views

An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users.

...

5.3CVSS7AI score0.11087EPSS
Exploits2
Microsoft CVE
Microsoft CVEadded 2020/09/25 12:0 a.m.3 views

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier

...

4.3CVSS7AI score0.00651EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2020/09/25 12:0 a.m.4 views

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.

...

6.4CVSS7AI score0.00039EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2020/09/09 3:23 p.m.1 views

jenkins-git-plugin: stored cross-site scripting

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS5.6AI score0.00127EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2020/06/29 2:37 p.m.2 views

jenkins-git-plugin: stored cross-site scripting

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS5.6AI score0.00127EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2020/06/17 10:38 p.m.1 views

jenkins-git-plugin: stored cross-site scripting

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS5.6AI score0.00127EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2020/04/09 11:23 a.m.23 views

CVE-2019-1003010

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

4.6CVSS5.1AI score0.00651EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2020/03/31 7:56 a.m.17 views

CVE-2020-2136

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS1.1AI score0.00127EPSS
Exploits0References4
Gitee
Giteeadded 2020/03/28 4:54 p.m.3 views

Exploit for Incorrect Authorization in Jenkins Git

CVE-2018-1000110: User and Node Enumeration Through Jenkins Git Plugin v3.7 Description: An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users. Versions...

5.3CVSS6.8AI score0.11087EPSS
Exploits2
CNVD
CNVDadded 2020/03/10 12:0 a.m.3 views

Git Plugin Stored XSS Injection Vulnerability

Git is a free, open source distributed version control system. Git Plugin Stored suffers from an XSS injection vulnerability, which allows an attacker to conduct an xss attack on the corresponding program to obtain other information on a system or file...

5.4CVSS6.3AI score0.00127EPSS
Exploits0References1
NVD
NVDadded 2020/03/09 4:15 p.m.9 views

CVE-2020-2136

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS6.6AI score0.00127EPSS
Exploits0References2
OSV
OSVadded 2020/03/09 4:15 p.m.16 views

CVE-2020-2136

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS5.7AI score
Exploits0References2
Prion
Prionadded 2020/03/09 4:15 p.m.15 views

Cross site scripting

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

3.5CVSS5.3AI score0.00127EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinuxadded 2020/03/09 3:0 p.m.25 views

CVE-2020-2136

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS1.1AI score0.00127EPSS
Exploits0References2
Cvelist
Cvelistadded 2020/03/09 3:0 p.m.14 views

CVE-2020-2136

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.8AI score0.00127EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2020/03/09 12:0 a.m.1 views

PT-2020-15345 · Jenkins · Jenkins Git Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Git Plugin versions 4.2.0 and earlier Description: The issue results from the failure to escape the error message for the repository URL for Microsoft TFS field form validation, leading to a stored cross-site scripting issue...

5.4CVSS6.4AI score0.00127EPSS
Exploits0References6
Gitee
Giteeadded 2020/02/25 7:21 p.m.3 views

Exploit for Incorrect Authorization in Jenkins Git

CVE-2018-1000110: User and Node Enumeration Through Jenkins Git Plugin v3.7 Description: An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users. Versions...

5.3CVSS6.9AI score0.11087EPSS
Exploits2
Prion
Prionadded 2019/02/06 4:29 p.m.20 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

4.3CVSS4.4AI score0.00651EPSS
Exploits0References3Affected Software2
NVD
NVDadded 2019/02/06 4:29 p.m.18 views

CVE-2019-1003010

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

4.3CVSS4.4AI score0.00651EPSS
Exploits0References3
Rows per page
Query Builder