Lucene search
K

5 matches found

CNVD
CNVD
added 2020/10/21 12:0 a.m.1 views

CloudBees Jenkins Locked Files Report Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site script execution...

5.4CVSS6.3AI score0.00735EPSS
Exploits0References1
OSV
OSV
added 2020/09/16 2:15 p.m.15 views

CVE-2020-2271

Jenkins Locked Files Report Plugin 1.6 and earlier does not escape locked files' names in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.4CVSS5.5AI score
Exploits0References2
NVD
NVD
added 2020/09/16 2:15 p.m.15 views

CVE-2020-2271

Jenkins Locked Files Report Plugin 1.6 and earlier does not escape locked files' names in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

5.4CVSS0.00735EPSS
Exploits0References2
CVE
CVE
added 2020/09/16 1:20 p.m.73 views

CVE-2020-2271

CVE-2020-2271 affects Jenkins Locked Files Report Plugin (versions ≤ 1.6). The issue is a stored XSS where locked files’ names are not escaped in tooltips, exploitable by attackers with Job/Configure permission. Root cause: insufficient escaping in tooltip rendering. Impact is XSS within Jenkins ...

5.4CVSS5.2AI score0.00735EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/09/16 12:0 a.m.4 views

PT-2020-15496 · Jenkins · Jenkins Locked Files Report Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Locked Files Report Plugin versions 1.6 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because locked files' names in tooltips are not properly escaped. This can be exploite...

8CVSS5AI score0.00735EPSS
Exploits0References6
Rows per page
Query Builder