EUVD-2022-2135

Malicious code in bioql PyPI...

CVE-2018-1000202

A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...

GHSA-38CH-X695-M794 Jenkins Groovy Postbuild Plugin vulnerable to Cross-site Scripting

A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...

org.jenkins-ci.plugins:vectorcast-execution (>=0.16 <=0.61) potentially affected by CVE-2018-1000202 via org.jvnet.hudson.plugins:groovy-postbuild (=2.3)

org.jvnet.hudson.plugins:groovy-postbuild MAVEN version =2.3 is affected by a known vulnerability. The following packages have a transitive dependency on org.jvnet.hudson.plugins:groovy-postbuild and may be impacted: - org.jenkins-ci.plugins:vectorcast-execution =0.16, =0.61 Source cves:...

CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2018-11102)

CloudBees Jenkins is the U.S. CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Groovy Postbuild Plugin is to use one of the...

Cross-site Scripting (XSS)

groovy-postbuild is vulnerable to cross-site scripting XSS attacks. The library does not escape user input for badge content, allowing a malicious user to inject and execute arbitrary Javascript...

Cross site scripting

A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...

CVE-2018-1000202

A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...

CVE-2018-1000202

A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...

CVE-2018-1000202

CVE-2018-1000202 is a persisted cross-site scripting vulnerability affecting Jenkins Groovy Postbuild Plugin (versions 2.3.1 and earlier). The issue arises in various Jelly files that allow an attacker who can control build badge content to inject JavaScript executed in another user’s browser dur...

Cross-Site Scripting (XSS)

Groovy Postbuild is vulnerable to cross-site scripting XSS. The vulnerability can happen when a malicious input for badge content is passed without XSS-string escaping...