parasoft.com Cross Site Scripting vulnerability OBB-3807787

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

GHSA-2RH4-XGMQ-63JP XXE vulnerability in Jenkins Parasoft Findings Plugin

Parasoft Findings Plugin implements a static analysis parser for various Parasoft products and integrates with Warnings Plugin 10.4.1 and earlier and Warnings NG Plugin 10.4.2 and newer. Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity X...

XXE vulnerability in Jenkins Parasoft Findings Plugin

Parasoft Findings Plugin implements a static analysis parser for various Parasoft products and integrates with Warnings Plugin 10.4.1 and earlier and Warnings NG Plugin 10.4.2 and newer. Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity X...

GHSA-GMG2-3W6V-945P Password stored in plain text by Parasoft Environment Manager Plugin

Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

Password stored in plain text by Parasoft Environment Manager Plugin

Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CloudBees Jenkins Parasoft Findings Plugin Code Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Parasoft Findings Plugin is used in one of th...

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

Xxe

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2020-2178

What’s affected: Jenkins Parasoft Findings Plugin (versions 10.4.3 and earlier) used in Jenkins. Root cause: The plugin’s XML parser is not configured to disable XML external entities (XXE) attacks. Impact: An attacker who can control input to the Parasoft Findings parser could cause the parser t...

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

PT-2020-15391 · Jenkins · Jenkins Parasoft Findings Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Parasoft Findings Plugin versions 10.4.3 and earlier Description: The issue allows a user who can control the input files for the Parasoft Findings parser to have Jenkins parse a crafted file that uses external entities for extraction...

Unspecified Vulnerability in CloudBees Jenkins Parasoft Environment Manager Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A security vulnerability exists in the CloudBees Jenkins Parasoft Environment Manager plug-in, which can be exploited by an attacker to gain read access or access...

CVE-2020-2132

Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2132

Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

Design/Logic Flaw

Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2132

Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2132

CVE-2020-2132 affects Jenkins Parasoft Environment Manager Plugin 2.14 and earlier. The vulnerability stems from passwords stored unencrypted in job config.xml on the Jenkins master, allowing access by users with Extended Read permission or those with master-file access. Impact described in sourc...