5 matches found
GHSA-GQXR-HVRW-6HFH Jenkins NS-ND Integration Performance Publisher Plugin displays credentials without masking
Jenkins NS-ND Integration Performance Publisher Plugin stores credentials in job config.xml files on the Jenkins controller as part of its configuration. While these credentials are stored encrypted on disk, in NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier, the job...
CVE-2022-41229
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and earlier does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-41227
CVE-2022-41227 : Jenkins NS-ND Integration Performance Publisher Plugin, versions 4.8.0.129 and earlier, is affected by a cross-site request forgery (CSRF) vulnerability that allows attackers to connect to an attacker-specified webserver using attacker-specified credentials. The CVSS v3.1 base sc...
CVE-2022-41227
A cross-site request forgery CSRF vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials...
CVE-2022-41227
A cross-site request forgery CSRF vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials...