4 matches found
EUVD-2022-5434
Malicious code in bioql PyPI...
CVE-2020-2316
Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2019-10308
A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationViewdoSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationViewdoSave form handler method allowed attackers to change the per-job default graph configuration for all users...