Lucene search
+L

8 matches found

osv
osv
added 2026/06/10 3:31 p.m.10 views

GHSA-93QH-VWRM-C5PW Jenkins: Stored XSS vulnerability in node offline cause description

Jenkins 2.483 through 2.567 both inclusive, LTS 2.492.1 through 2.555.2 both inclusive does not escape the user-provided description of a generic offline cause that could be set through the POST config.xml API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers...

8CVSS4.9AI score0.00261EPSS
Exploits0References4
osv
osv
added 2026/06/10 2:16 p.m.3 views

CVE-2026-53441

Jenkins 2.483 through 2.567 both inclusive, LTS 2.492.1 through 2.555.2 both inclusive does not escape the user-provided description of a generic offline cause that could be set through the POST config.xml API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers...

5.4CVSS5.8AI score
Exploits0References1
nvd
nvd
added 2026/06/10 2:16 p.m.14 views

CVE-2026-53441

Jenkins 2.483 through 2.567 both inclusive, LTS 2.492.1 through 2.555.2 both inclusive does not escape the user-provided description of a generic offline cause that could be set through the POST config.xml API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers...

5.4CVSS0.00261EPSS
Exploits0References1
nvd
nvd
added 2026/02/18 3:18 p.m.6 views

CVE-2026-27099

Jenkins 2.483 through 2.550 both inclusive, LTS 2.492.1 through 2.541.1 both inclusive does not escape the user-provided description of the "Mark temporarily offline" offline cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure or...

8CVSS0.00505EPSS
Exploits0References1
cvelist
cvelist
added 2026/02/18 2:17 p.m.29 views

CVE-2026-27099

Jenkins 2.483 through 2.550 both inclusive, LTS 2.492.1 through 2.541.1 both inclusive does not escape the user-provided description of the "Mark temporarily offline" offline cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure or...

0.00505EPSS
Exploits0References1
alpinelinux
alpinelinux
added 2026/02/18 2:17 p.m.5 views

CVE-2026-27099

Jenkins 2.483 through 2.550 both inclusive, LTS 2.492.1 through 2.541.1 both inclusive does not escape the user-provided description of the "Mark temporarily offline" offline cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure or...

8CVSS5.1AI score0.00505EPSS
Exploits0References1
cve
cve
added 2026/02/18 2:17 p.m.45 views

CVE-2026-27099

Jenkins CVE-2026-27099 affects Jenkins versions 2.483–2.550 (and LTS 2.492.1–2.541.1) where the description for the “Mark temporarily offline” offline cause is not escaped, causing stored cross-site scripting (XSS). The vulnerability can be exploited by attackers with Agent/Configure or Agent/Dis...

8CVSS5.1AI score0.00505EPSS
Exploits0References1Affected Software1
freebsd
freebsd
added 2026/02/18 12:0 a.m.6 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description High SECURITY-3669 / CVE-2026-27099 Stored XSS vulnerability in node offline cause description Medium SECURITY-3658 / CVE-2026-27100 Build information disclosure vulnerability through Run Parameter...

8CVSS5.4AI score0.00505EPSS
Exploits0References1
Rows per page
Query Builder