72 matches found
Cross site scripting
kirby is a content management system CMS that adapts to many different projects and helps you build your own ideal interface. Cross-site scripting XSS is a type of vulnerability that allows execution of any kind of JavaScript code inside the Panel session of the same or other users. In the Panel,...
CVE-2022-36037 Cross-site scripting (XSS) from dynamic options in the multiselect field in Kirby
kirby is a content management system CMS that adapts to many different projects and helps you build your own ideal interface. Cross-site scripting XSS is a type of vulnerability that allows execution of any kind of JavaScript code inside the Panel session of the same or other users. In the Panel,...
CVE-2022-36037 Cross-site scripting (XSS) from dynamic options in the multiselect field in Kirby
kirby is a content management system CMS that adapts to many different projects and helps you build your own ideal interface. Cross-site scripting XSS is a type of vulnerability that allows execution of any kind of JavaScript code inside the Panel session of the same or other users. In the Panel,...
CVE-2022-36037 Cross-site scripting (XSS) from dynamic options in the multiselect field in Kirby
kirby is a content management system CMS that adapts to many different projects and helps you build your own ideal interface. Cross-site scripting XSS is a type of vulnerability that allows execution of any kind of JavaScript code inside the Panel session of the same or other users. In the Panel,...
Cross-site scripting from dynamic options in the multiselect field
Introduction Cross-site scripting XSS is a type of vulnerability that allows to execute any kind of JavaScript code inside the Panel session of the same or other users. In the Panel, a harmful script can for example trigger requests to Kirby's API with the permissions of the victim. Such...
GHSA-3F89-869F-5W76 Cross-site scripting from dynamic options in the multiselect field
Introduction Cross-site scripting XSS is a type of vulnerability that allows to execute any kind of JavaScript code inside the Panel session of the same or other users. In the Panel, a harmful script can for example trigger requests to Kirby's API with the permissions of the victim. Such...
Malicious code in deere-ui-multiselect (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc9d34c6fcae292047f5c4942fc8c169901958ab5f25ab865d02e733c499e5c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2410 Malicious code in deere-ui-multiselect (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc9d34c6fcae292047f5c4942fc8c169901958ab5f25ab865d02e733c499e5c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview deere-ui-multiselect is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
MAL-2022-3844 Malicious code in init-epic-link-multiselect (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3034c2a4a413d05090716b1944806f291ac0dc48a86d8650c67cf39f882b37a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Jenkins Multiselect parameter Plugin跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plug-ins to support building, deploying, and automating any project. Jenkins Multiselect parameter Plugin 1.3 and earlier versions have a cross-si...
Cross-site Scripting in Jenkins Multiselect parameter Plugin
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters. This results in stored cross-site scripting XSS vulnerabilities exploitable by attackers with Item/Configure permission. Exploitation of this...
GHSA-H3V9-46PP-H33W Cross-site Scripting in Jenkins Multiselect parameter Plugin
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters. This results in stored cross-site scripting XSS vulnerabilities exploitable by attackers with Item/Configure permission. Exploitation of this...
CVE-2022-30964
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30964
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30964
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Cross site scripting
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30964
Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30964
The CVE-2022-30964 entry describes a stored XSS vulnerability in Jenkins Multiselect Parameter Plugin (versions up to 1.3). Root cause: the plugin fails to escape the name and description of Multiselect parameters on views that display parameters. Impact: exploitable by attackers with Item/Config...
Jenkins Multiselect parameter Plugin 跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plug-ins to support building, deploying, and automating any project. Jenkins Multiselect parameter Plugin 1.3 and earlier versions have a cross-si...