Lucene search
K

6 matches found

OSV
OSV
added 2022/05/14 3:23 a.m.25 views

GHSA-Q7JX-R75R-HGJ2 Jenkins Cucumber Living Documentation Plugin Cross-site Scripting vulnerability

A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseActiondoDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these...

6.1CVSS6AI score0.00861EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/14 3:23 a.m.20 views

Jenkins Cucumber Living Documentation Plugin Cross-site Scripting vulnerability

A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseActiondoDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these...

6.1CVSS3.4AI score0.00861EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/04/05 1:29 p.m.17 views

CVE-2018-1000144

A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseActiondoDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these...

6.1CVSS6.3AI score
Exploits0References1
NVD
NVD
added 2018/04/05 1:29 p.m.35 views

CVE-2018-1000144

A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseActiondoDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these...

6.1CVSS6.1AI score0.00861EPSS
Exploits0References1
Prion
Prion
added 2018/04/05 1:29 p.m.13 views

Cross site scripting

A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseActiondoDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these...

4.3CVSS6AI score0.00861EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/04/05 1:0 p.m.70 views

CVE-2018-1000144

CVE-2018-1000144 affects Jenkins in the Cucumber Living Documentation Plugin (versions 1.0.12 and older). The root cause is in CukedoctorBaseAction#doDynamic, which disables the Content-Security-Policy for archived artifacts and workspace files, allowing an attacker who can control those files to...

6.1CVSS6AI score0.00861EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder