etracker - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-074

The module adds the etracker web statistics tracking system to your website. The cookiesetracker submodule allows the inline JavaScript to be included in consent management. However, this does not adequately check whether the provided JavaScript code originates from authorized users. A potential...

CVE-2024-52552

Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...