13 matches found
EUVD-2022-7357
Malicious code in bioql PyPI...
CVE-2022-45382
Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names...
Cross-site Scripting in Jenkins Naginator Plugin
Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names. Naginator Plugin 1.18.2 escapes display nam...
GHSA-H8HF-HXX6-5G6V Cross-site Scripting in Jenkins Naginator Plugin
Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names. Naginator Plugin 1.18.2 escapes display nam...
Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.6 / 2.361.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-11-15)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.6 or 2.x prior to 2.361.3.4. It is, therefore, affected by multiple vulnerabilities including the following: - CVE-2022-38751 on snakeyaml fixed train 2.346.x.0.z BEE-237...
CVE-2022-45382
Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names...
CVE-2022-45382
Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names...
Cross site scripting
Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names...
CVE-2022-45382
Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names...
CVE-2022-45382
Jenkins Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display names...
PT-2022-27484 · Jenkins · Jenkins Naginator Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Naginator Plugin versions 1.18.1 and earlier Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. It occurs because the Jenkins Naginator Plugin does not escape display names of source builds in builds...
CVE-2022-45382
Jenkins Naginator Plugin versions 1.18.1 and earlier suffer a stored XSS vulnerability: display names of source builds in Retry-triggered builds are not escaped, enabling an attacker who can edit the build name to inject script. The issue is documented under CVE-2022-45382 and is corroborated by ...
Jenkins Plugin Naginator Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins Plugin is a software application. A cross-site scripting...