CVE-2021-21635

Jenkins REST List Parameter Plugin 1.3.0 and earlier does not escape a parameter name reference in embedded JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

Jenkins REST List Parameter 跨站脚本漏洞

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...

CloudBees Jenkins Artifact Repository Parameter Plugin Cross-Site Scripting Vulnerability

Jenkins Artifact Repository Parameter is a Jenkins open source application plugin . Provides to make the artifact repository of certain information can be used as Jenkins build parameters. A cross-site script execution vulnerability exists in Jenkins Artifact Repository Parameter Plugin 1.0.0 and...

CVE-2021-21622

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

Cross site scripting

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

CVE-2021-21622

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

CVE-2021-21622

CVE-2021-21622 affects Jenkins Artifact Repository Parameter Plugin (versions

CVE-2020-2257

Jenkins Validating String Parameter Plugin 2.4 and earlier does not escape various user-controlled fields, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

CVE-2020-2257

Jenkins Validating String Parameter Plugin (versions ≤ 2.4) contains a stored XSS vulnerability due to insufficient escaping of user-controlled fields (including regular expressions in tooltips, names, and descriptions). Exploitation requires Job/Configure permission. A fix is available in versio...

CloudBees Jenkins Git XSS Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks.LTS is a long-term support for CloudBees...

CVE-2020-2238

Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

CVE-2020-2238

The CVE-2020-2238 issue affects the Jenkins Git Parameter Plugin, where versions up to 0.9.12 do not escape the repository field on the Build with Parameters page, enabling a stored XSS vulnerability exploitable by attackers with Job/Configure permissions. Connected sources confirm the root cause...

Unspecified Vulnerability in CloudBees Jenkins Stash Branch Parameter Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Stash Branch Parameter Plugin is used in one...

CVE-2020-2210

Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...

PT-2020-15425 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Stash Branch Parameter Plugin versions 0.3.0 and earlier Description: The issue concerns the transmission of configured passwords in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

CloudBees Jenkins Git Parameter plugin cross-site scripting vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A cross-site scripting vulnerability exists in the Git Parameter plugin 0.9.11 and earlier versions in CloudBees Jenkins. The vulnerability stems from the failure...

CloudBees Jenkins Git Parameter plugin cross-site scripting vulnerability (CNVD-2020-11651)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A cross-site scripting vulnerability exists in the Git Parameter plugin 0.9.11 and earlier versions in CloudBees Jenkins. The vulnerability stems from the failure...

CVE-2020-2124

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2124

Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2112

Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission...