38 matches found
EUVD-2022-3497
Malicious code in bioql PyPI...
EUVD-2022-4091
Malicious code in bioql PyPI...
EUVD-2022-3745
Malicious code in bioql PyPI...
CVE-2020-2093
A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content to an attacker-specified recipient...
Cross-site Scripting (XSS)
org.jenkins-ci.plugins:cloudbees-jenkins-advisor is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper output encoding due to failure to escape responses from the Jenkins Health Advisor server, allowing attackers to inject scripts through controlled server responses...
CVE-2025-47885
Jenkins Health Advisor by CloudBees Plugin 374.v194bd4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses...
Cross-site Scripting (XSS)
Overview org.jenkins-ci.plugins:cloudbees-jenkins-advisor is a plugin that proactively notifies you of problems with your Jenkins-based environment. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the failure to escape responses from the server. An attacker can...
GHSA-XRPQ-4G9W-QRWJ Jenkins Health Advisor by CloudBees Plugin Vulnerable to Cross-Site Scripting
Jenkins Health Advisor by CloudBees Plugin 374.v194bd4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses...
Jenkins Health Advisor by CloudBees Plugin Vulnerable to Cross-Site Scripting
Jenkins Health Advisor by CloudBees Plugin 374.v194bd4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses...
CVE-2025-47885
Jenkins Health Advisor by CloudBees Plugin 374.v194bd4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses...
CVE-2025-47885
Jenkins Health Advisor by CloudBees Plugin 374.v194bd4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses...
CVE-2025-47885
CVE-2025-47885 affects Jenkins Health Advisor by CloudBees Plugin (374.v194b_d4f0c8c8 and earlier). The root cause is failure to escape responses from the Jenkins Health Advisor server, resulting in a stored XSS vulnerability that can be exploited by an attacker who can control server responses. ...
CVE-2025-47885
Jenkins Health Advisor by CloudBees Plugin 374.v194bd4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses...
CVE-2025-47885
Jenkins Health Advisor by CloudBees Plugin 374.v194bd4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses...
CVE-2025-47885
Jenkins Health Advisor by CloudBees Plugin 374.v194bd4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses...
Jenkins plugin Health Advisor by CloudBees 跨站脚本漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security vulnerability...
PT-2025-21238 · Cloudbees +1 · Jenkins Health Advisor By Cloudbees Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Health Advisor by CloudBees Plugin versions 374.v194b d4f0c8c8 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the plugin does not escape responses from the Jenkins...
GHSA-C445-XM3F-HMFH Incorrect permission check in Health Advisor by CloudBees Plugin
Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to view an administrative configuration page. Health Advisor by CloudBees Plugin 3.2.1 requires Overall/Administer to view its...
Incorrect permission check in Health Advisor by CloudBees Plugin
Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to view an administrative configuration page. Health Advisor by CloudBees Plugin 3.2.1 requires Overall/Administer to view its...
GHSA-H72V-652W-XV64 Missing permission checks in Health Advisor by CloudBees Plugin
Health Advisor by CloudBees Plugin 3.0 and earlier does not perform permission checks in methods performing form validation. This allows users with Overall/Read access to send an email with fixed content to an attacker-specified recipient. Additionally, these form validation methods do not requir...