Lucene search
K

7 matches found

OSV
OSV
added 2022/05/24 5:23 p.m.1 views

GHSA-864V-5Q2G-FR64 Stored XSS vulnerability in Jenkins 'keep forever' badge icon

Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the job name in the 'Keep this build forever' badge tooltip. This results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure job names. As job names do not generally support the character set...

8CVSS6AI score0.01126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/23 12:46 p.m.4 views

jenkins: Stored XSS vulnerability in 'keep forever' badge icons

A flaw was found in jenkins in versions prior to 2.244 and versions prior to LTS 2.235.1. Job names in the 'Keep this build forever' badge tooltip are not properly escaped which results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure job names. The highes...

5.4CVSS5.8AI score0.01126EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/27 10:15 a.m.5 views

jenkins: Stored XSS vulnerability in 'keep forever' badge icons

A flaw was found in jenkins in versions prior to 2.244 and versions prior to LTS 2.235.1. Job names in the 'Keep this build forever' badge tooltip are not properly escaped which results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure job names. The highes...

5.4CVSS5.8AI score0.01126EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/25 6:10 a.m.4 views

jenkins: Stored XSS vulnerability in 'keep forever' badge icons

A flaw was found in jenkins in versions prior to 2.244 and versions prior to LTS 2.235.1. Job names in the 'Keep this build forever' badge tooltip are not properly escaped which results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure job names. The highes...

5.4CVSS5.8AI score0.01126EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/24 2:53 p.m.2 views

jenkins: Stored XSS vulnerability in 'keep forever' badge icons

A flaw was found in jenkins in versions prior to 2.244 and versions prior to LTS 2.235.1. Job names in the 'Keep this build forever' badge tooltip are not properly escaped which results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure job names. The highes...

5.4CVSS5.8AI score0.01126EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/07/16 12:0 a.m.39 views

FreeBSD : jenkins -- multiple vulnerabilities (1ddab5cb-14c9-4632-959f-802c412a9593)

Jenkins Security Advisory : DescriptionHigh SECURITY-1868 / CVE-2020-2220 Stored XSS vulnerability in job build time trend High SECURITY-1901 / CVE-2020-2221 Stored XSS vulnerability in upstream cause High SECURITY-1902 / CVE-2020-2222 Stored XSS vulnerability in 'keep forever' badge icons High...

5.4CVSS5.5AI score0.01126EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2020/07/15 12:0 a.m.43 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description High SECURITY-1868 / CVE-2020-2220 Stored XSS vulnerability in job build time trend High SECURITY-1901 / CVE-2020-2221 Stored XSS vulnerability in upstream cause High SECURITY-1902 / CVE-2020-2222 Stored XSS vulnerability in 'keep forever' badge icons High...

5.4CVSS0.2AI score0.01126EPSS
Exploits0References1
Rows per page
Query Builder