Lucene search
K

59110 matches found

NVD
NVD
added 2025/12/10 7:16 p.m.5 views

CVE-2025-64575

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.00205EPSS
Exploits0References1
NVD
NVD
added 2025/12/10 7:16 p.m.5 views

CVE-2025-64556

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.00205EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/12/10 6:30 p.m.71 views

Jenkins Coverage Plugin has a stored cross-site scripting (XSS) vulnerability

Jenkins Coverage Plugin 2.3054.ve1ff7baa123b and earlier does not validate the configured coverage results ID when creating coverage results, only when submitting the job configuration through the UI, allowing attackers with Item/Configure permission to use a javascript: scheme URL as identifier ...

8CVSS6AI score0.00257EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/12/10 6:30 p.m.6 views

EUVD-2025-202455

Jenkins Coverage Plugin has a stored cross-site scripting XSS vulnerability...

8CVSS5.2AI score0.00257EPSS
Exploits0References3
Snyk
Snyk
added 2025/12/10 6:30 p.m.4 views

Cross-site Scripting (XSS)

Overview io.jenkins.plugins:coverage is a Collects reports of code coverage or mutation coverage tools and visualizes the results. It has support for the following report formats: JaCoCo, Cobertura, and PIT. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper...

8.5CVSS5.4AI score0.00257EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/10 6:24 p.m.24 views

CVE-2025-64593 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/10 6:24 p.m.2 views

CVE-2025-64593 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.1AI score0.0017EPSS
Exploits0References1
CVE
CVE
added 2025/12/10 6:24 p.m.20 views

CVE-2025-64817

Adobe Experience Manager (AEM) 6.5.23 and earlier is affected by CVE-2025-64817, a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The issue allows a low-privileged attacker to inject malicious scripts that can execute in a victim’s browser when visiting a page containi...

5.4CVSS5.1AI score0.00167EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/10 6:23 p.m.27 views

CVE-2025-64822 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS0.00205EPSS
Exploits0References1
CVE
CVE
added 2025/12/10 6:23 p.m.15 views

CVE-2025-64789

Adobe Experience Manager (AEM) versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. A low privileged attacker can inject malicious scripts, which may be executed in a victim’s browser when visiting the page containing the field. ...

5.4CVSS5.1AI score0.00205EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/10 6:23 p.m.2 views

CVE-2025-64581 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5AI score0.00205EPSS
Exploits0References1
NVD
NVD
added 2025/12/10 5:15 p.m.8 views

CVE-2025-67641

Jenkins Coverage Plugin 2.3054.ve1ff7baa123b and earlier does not validate the configured coverage results ID when creating coverage results, only when submitting the job configuration through the UI, allowing attackers with Item/Configure permission to use a javascript: scheme URL as identifier ...

8CVSS0.00257EPSS
Exploits0References1
OSV
OSV
added 2025/12/10 5:15 p.m.4 views

CVE-2025-67641

Jenkins Coverage Plugin 2.3054.ve1ff7baa123b and earlier does not validate the configured coverage results ID when creating coverage results, only when submitting the job configuration through the UI, allowing attackers with Item/Configure permission to use a javascript: scheme URL as identifier ...

5.4CVSS5.6AI score0.00257EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/10 4:50 p.m.5 views

CVE-2025-67641

Jenkins Coverage Plugin 2.3054.ve1ff7baa123b and earlier does not validate the configured coverage results ID when creating coverage results, only when submitting the job configuration through the UI, allowing attackers with Item/Configure permission to use a javascript: scheme URL as identifier ...

5.5AI score0.00257EPSS
Exploits0References1
CVE
CVE
added 2025/12/10 4:50 p.m.17 views

CVE-2025-67641

The CVE-2025-67641 entry concerns the Jenkins Coverage Plugin (versions 2.3054.ve1ff7b_a_a_123b_ and earlier). The root cause is insufficient validation of the configured coverage results ID when creating coverage results, with validation only occurring during UI-based job configuration, enabling...

8CVSS5.5AI score0.00257EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/10 4:50 p.m.31 views

CVE-2025-67641

Jenkins Coverage Plugin 2.3054.ve1ff7baa123b and earlier does not validate the configured coverage results ID when creating coverage results, only when submitting the job configuration through the UI, allowing attackers with Item/Configure permission to use a javascript: scheme URL as identifier ...

0.00257EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/12/10 1:32 p.m.4 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS5.7AI score0.00422EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/10 1:32 p.m.4 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

7.3CVSS5.7AI score0.00292EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/12/10 1:32 p.m.3 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS5.7AI score0.00481EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/10 1:7 p.m.7 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS5.7AI score0.00422EPSS
Exploits0References5
Rows per page
Query Builder