34 matches found
CVE-2022-34188
Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-34188
Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Cross site scripting
Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-34188
Jenkins Hidden Parameter Plugin 0.0.4 and earlier does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-34188
CVE-2022-34188 describes a stored XSS vulnerability in Jenkins Hidden Parameter Plugin versions 0.0.4 and earlier, where the plugin fails to escape the name and description of Hidden Parameter parameters on parameter-displaying views. This allows attackers with Item/Configure permission to inject...
PT-2022-22056 · Jenkins · Jenkins +1
Name of the Vulnerable Software and Affected Versions: Jenkins Hidden Parameter Plugin versions 0.0.4 and earlier Description: The Jenkins Hidden Parameter Plugin does not escape the name and description of Hidden Parameter parameters on views displaying parameters, resulting in a stored cross-si...
Jenkins Plugin Hidden Parameter 跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. The vulnerability stems from a failure to escape the name and description of t...
com.antelink.reporter.jenkins.plugin:AntepediaReporter-CI-plugin (>=1.7 <=1.8), com.dubture.jenkins:digitalocean-plugin (>=0.1 <=0.2) +39 more potentially affected by CVE-2014-2066 via org.jenkins-ci.main:jenkins-core (>=1.533 <=1.550)
org.jenkins-ci.main:jenkins-core MAVEN version =1.533, =1.7, =0.1, =1.53, =1.0.0, =0.1, =1.533, =1.533, =1.533, =1.533, =0.1.3, =0.1.5 and more Source cves: CVE-2014-2066 Source advisory: OSV:GHSA-8JFX-H6Q2-V4G3...
CVE-2018-15480
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The cloud API had a hidden parameter, which allowed an authenticated...
XSStrike v2.0 - An Advanced XSS Detection And Exploitation Suit
XSStrike is an advanced XSS detection suite. It has a powerful fuzzing engine and provides zero false positive result using fuzzy matching. XSStrike is the first XSS scanner to generate its own payloads. It is intelligent enough to detect and break out of various contexts. Made by Somdev Sangwan...
foreman: XSS in hidden parameter value switcher
Cross-site scripting XSS vulnerability in Foreman 1.7.0 and after...
Khan Academy: Unchecking hidden parameter is vulnerable to XSS-attack
Unchecking parameter Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. http://crowdin.khanacademy.org:/login PoC prompt986874"/...
Hidden type parameters of the variables are not filtered resulting in the upload exploit a-vulnerability warning-the black bar safety net
Inadvertently saw a graphic design website, website full by the static asp configuration, done very beautiful. Sigh it's beautifully designed at the same time, could not help heart muttered, full of static asp pages can indeed prevent injection vulnerabilities, but WEB vulnerabilities is more tha...
siu guarani - Multiple Vulnerabilities
multiple remote vulnerabilities siu guarani general information ------------------- bug type : multiple remote vulnerabilities software name : SIU Guarani vendor : SIU www.siu.edu.ar authors : proudhon & Ubik date : the 341st day of the year 2008 contact : N/A description : SIU-Guarani is a web...