271 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +2157 more potentially affected by CVE-2010-3700 via org.acegisecurity:acegi-security (>=1.0.0 <=1.0.7)
org.acegisecurity:acegi-security MAVEN version =1.0.0, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.1, =0.1.0, =1.0, =1.17.3 and more Source cves: CVE-2010-3700 Source advisory: OSV:GHSA-3295-H9QX-R82X...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1304 more potentially affected by CVE-2015-5317 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.625.1)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.3, =1.0, =1.0, =2.2.1, =1.0.3, =1.0.0, =1.0, =1.0.0, =1.2.0 and more Source cves: CVE-2015-5317 Source advisory: OSV:GHSA-8PQX-3RXX-F5PM...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1304 more potentially affected by CVE-2015-5321 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.625.1)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.3, =1.0, =1.0, =2.2.1, =1.0.3, =1.0.0, =1.0, =1.0.0, =1.2.0 and more Source cves: CVE-2015-5321 Source advisory: SNYK:JAVA-ORGJENKINSCIMAIN-9404329...
GHSA-GP7C-XMMM-7PQR Stored Cross-site Scripting vulnerabilities in Jenkins Extended Choice Parameter Plugin
Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Stored Cross-site Scripting vulnerabilities in Jenkins Extended Choice Parameter Plugin
Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
GHSA-FCR6-6CPH-VMCM Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Jenkins Git Parameter Plugin Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exis...
CVE-2022-29038
Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Cross site scripting
Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-29040
CVE-2022-29040 affects the Jenkins Git Parameter Plugin (version 0.9.15 and earlier). The issue is a stored XSS vulnerability caused by the plugin not escaping the name and description of Git parameters on parameter display views, enabling exploitation by attackers with Item/Configure permission....
CVE-2022-29038
CVE-2022-29038 affects Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and earlier. Root cause: the plugin does not escape the name/description of Extended Choice parameters on parameter-views, causing a stored XSS. Impact: vulnerability exploitable by attackers with Item/Configure pe...
CVE-2022-29038
Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier does not escape the name and description of Extended Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Jenkins Git Parameter Plugin跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exis...
PT-2022-19380 · Jenkins · Jenkins Git Parameter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Git Parameter Plugin versions 0.9.15 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the name and description of Git parameters on views displaying parameters are not...
Jenkins 跨站脚本漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.A cross-site scripting vulnerability exists in the Jenkins Node and Label parameter Plugin, which stems from the applicatio...
GHSA-FQPX-XFJR-2QR9 CSRF vulnerability and missing permission checks in Jenkins Extended Choice Parameter Plugin allow SSRF
Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier does not perform a permission check on form validation methods. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, these form validation methods do not require POST requests,...