18 matches found
EUVD-2022-3038
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2020-2096
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability...
CVE-2018-1000196
An exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser e.g. malicious...
GHSA-7P4P-V6HR-GP3M Jenkins Gitlab Hook Plugin stores and displays GitLab API token in plain text
An exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser e.g. malicious...
Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Vulnerability
Exploit for java platform in category web applications Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References:...
Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting
Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References:...
Jenkins Gitlab Hook 1.4.2 Cross Site Scripting
Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References: https://jenkins.io/security/advisory/2020-01-15/ CVE: CVE-2020-2096 PoC:...
Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting
Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References: https://jenkins.io/security/advisory/2020-01-15/ CVE: CVE-2020-2096 PoC:...
CVE-2020-2096
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability...
CVE-2020-2096
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability...
CVE-2020-2096
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability...
CVE-2020-2096
CVE-2020-2096 affects Jenkins Gitlab Hook Plugin ≤ 1.4.2. The build_now endpoint fails to escape project names, causing a reflected XSS vulnerability. Impact: attacker can run arbitrary JavaScript in the victim’s browser. PoC exists (e.g., build_now%3Csvg/onload=alert(document.domain)%3E). Remedi...
CloudBees Jenkins Gitlab Hook Plugin Information Disclosure Vulnerability
CloudBees Jenkins is a set of Java-based continuous integration tools developed by the United States company CloudBees. It is mainly used to monitor continuous software release/testing projects and some scheduled tasks. Gitlab Hook Plugin is used in one of...
Information disclosure
An exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser e.g. malicious...
CVE-2018-1000196
An exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser e.g. malicious...
CVE-2018-1000196
An exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser e.g. malicious...
CVE-2018-1000196
An exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser e.g. malicious...
CVE-2018-1000196
CVE-2018-1000196 affects CloudBees/Jenkins Gitlab Hook Plugin 1.4.2 and older, where the files gitlab_notifier.rb and views/gitlab_notifier/global.erb expose the configured GitLab token. The vulnerability allows attackers who can access the Jenkins master filesystem or a compromised Jenkins admin...