4 matches found
Cross-site Scripting (XSS)
Overview org.jenkins-ci:winstone is a command line wrapper around Jetty. Affected versions of this package are vulnerable to Cross-site Scripting XSS via error messages. An attacker can inject arbitrary web script or HTML by crafting malicious input that triggers these error messages. Details...
Critical Jenkins Server Vulnerability Could Leak Sensitive Information
Jenkins—a popular open-source automation server software—published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed. Tracked as CVE-2019-17638, the flaw has a CVSS rating of...
Fedora Update for jenkins-winstone FEDORA-2014-15776
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 21 Update: jenkins-winstone-2.8-1.fc21
Winstone is a servlet container that was written out of a desire to provide servlet functionality without the bloat that full J2EE compliance introduces...