Malicious code in rush-command-parameters-plugin (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2977 Malicious code in rush-command-parameters-plugin (npm)

--- -= Per source details. Do not edit below this line.=-...

CSRF vulnerability in Jenkins Build With Parameters Plugin

Jenkins Build With Parameters Plugin 1.5 and earlier does not require POST requests for its form submission endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to build a project with attacker-specified parameters. Build With Parameters Plug...

GHSA-W24G-24QG-V4W2 CSRF vulnerability in Jenkins Build With Parameters Plugin

Jenkins Build With Parameters Plugin 1.5 and earlier does not require POST requests for its form submission endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to build a project with attacker-specified parameters. Build With Parameters Plug...

CloudBees Jenkins Build With Parameters Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...

CloudBees Jenkins Build With Parameters Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...

CVE-2021-21629

A cross-site request forgery CSRF vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier allows attackers to build a project with attacker-specified parameters...

CVE-2021-21628

Jenkins Build With Parameters Plugin 1.5 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

CVE-2021-21629

A cross-site request forgery CSRF vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier allows attackers to build a project with attacker-specified parameters...

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier allows attackers to build a project with attacker-specified parameters...

CVE-2021-21629

CVE-2021-21629: A CSRF vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier allows an attacker to trigger builds with attacker-specified parameters via endpoints that do not require POST; patch to 1.5.1 or later is indicated by sources (OSV/GHSA/NASL) as the fix. No exploitation ...

CVE-2021-21628

The CVE-2021-21628 case concerns Jenkins Build With Parameters Plugin (versions ≤ 1.5). The underlying issue is that parameter names and descriptions are not escaped, enabling stored XSS. The vulnerability can be exploited by attackers who have Job/Configure permission. Public writeups from OSV a...

CVE-2021-21628

Jenkins Build With Parameters Plugin 1.5 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...