8 matches found
EUVD-2022-5382
Malicious code in bioql PyPI...
EUVD-2022-4258
Malicious code in bioql PyPI...
CVE-2020-2292
Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Release/Release permission...
SUSE CVE-2018-1000013
Jenkins Release Plugin 2.9 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to trigger release builds...
CVE-2020-2292
Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Release/Release permission...
Cross site scripting
Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Release/Release permission...
PT-2020-15522 · Jenkins · Jenkins Release Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Release Plugin versions 2.10.2 and earlier. Description: The issue results in a stored cross-site scripting (XSS) vulnerability. This occurs because the release version in the badge tooltip is not properly escaped. Attackers with...
CVE-2019-16550
A cross-site request forgery vulnerability in a connection test form method in Jenkins Maven Release Plugin 0.16.1 and earlier allows attackers to have Jenkins connect to an attacker-specified web server and parse XML documents...