9 matches found
EUVD-2022-2338
Malicious code in bioql PyPI...
CVE-2021-21619
Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins...
CVE-2021-21620
A cross-site request forgery CSRF vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims...
GHSA-48HR-JG4P-W4P4 XSS vulnerability in Jenkins Claim Plugin
Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name shown in claims. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside...
CloudBees Jenkins Claim Plugin Cross-Site Scripting Vulnerability
Jenkins Claim is an open source application plugin for Jenkins. Provides users to declare failed builds and tests from Jenkins to show that they are responsible for fixing them . A cross-site script execution vulnerability exists in Jenkins Claim Plugin version 2.18.1 and earlier. The vulnerabili...
CloudBees Jenkins Claim Plugin Cross-Site Request Forgery Vulnerability
Jenkins Claim is a Jenkins open source application plug-in . A cross-site request forgery vulnerability exists in Jenkins Claim Plugin version 2.18.1 and earlier. The vulnerability stems from the program not making a POST request to the form submission endpoint of the assigned claim. An attacker...
CVE-2021-21620
A cross-site request forgery CSRF vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims...
Jenkins Claim Plugin 跨站脚本漏洞
Jenkins Claim is an open source application plugin for Jenkins. Provides users to declare failed builds and tests from Jenkins to show that they are responsible for fixing them . A cross-site script execution vulnerability exists in Jenkins Claim Plugin version 2.18.1 and earlier. The vulnerabili...
PT-2021-14663 · Jenkins · Jenkins Claim Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Claim Plugin versions 2.18.1 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to change claims. This issue arises because the form submission endpoint for assigning claims does not require POST...