Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:46 a.m.10 views

CVE-2019-10410

Jenkins Log Parser Plugin 2.0 and earlier did not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules...

5.4CVSS6AI score0.00882EPSS
Exploits0References1
OSV
OSV
added 2021/07/08 12:0 p.m.48 views

RUSTSEC-2021-0074 Incorrect handling of embedded SVG and MathML leads to mutation XSS

Affected versions of this crate did not account for namespace-related parsing differences between HTML, SVG, and MathML. Even if the svg and math elements are not allowed, the underlying HTML parser still treats them differently. Running cleanup without accounting for these differing namespaces...

6.1CVSS6.1AI score0.00702EPSS
Exploits1References3
OSV
OSV
added 2019/09/25 4:15 p.m.18 views

CVE-2019-10410

Jenkins Log Parser Plugin 2.0 and earlier did not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules...

5.4CVSS6.1AI score
Exploits0References2
Prion
Prion
added 2019/09/25 4:15 p.m.14 views

Cross site scripting

Jenkins Log Parser Plugin 2.0 and earlier did not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules...

3.5CVSS5.2AI score0.00882EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/09/25 3:5 p.m.20 views

CVE-2019-10410

Jenkins Log Parser Plugin 2.0 and earlier did not escape an error message, resulting in a cross-site scripting vulnerability exploitable by users able to define log parsing rules...

5.2AI score0.00882EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/09/25 12:0 a.m.9 views

PT-2019-11804 · Jenkins · Jenkins Log Parser Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Log Parser Plugin versions 2.0 and earlier Description: The issue is related to a cross-site scripting vulnerability. It occurs because an error message is not properly escaped, allowing exploitation by users who can define log parsin...

5.4CVSS5.1AI score0.00882EPSS
Exploits0References6
Veracode
Veracode
added 2019/07/09 8:52 a.m.8 views

Regular Expression Denial Of Service (ReDoS)

marked is vulnerable to regular expression denial of service DoS. The attack is possible because it does not use efficient link tags in regular expression, thereby leading to a high CPU usage if an attacker parses an input link with nested parenthesis containing a large number of link tokens to t...

6.5AI score
Exploits0
OSV
OSV
added 2018/06/15 4:29 p.m.1 views

DEBIAN-CVE-2018-12035

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yrexecutecode in libyara/exec.c...

7.8CVSS7.5AI score0.01243EPSS
Exploits1References1
myhack58
myhack58
added 2014/05/25 12:0 a.m.15 views

XML injection vulnerability hazard warning-vulnerability warning-the black bar safety net

Vulnerability description: the Extensible Markup Language Extensible Markup Language, XML for marking an electronic file so that it has a structural markup language that can be used to tag data definition data type is a allows the user to Own the markup language for the definition of the source...

0.1AI score
Exploits0
Rows per page
Query Builder