Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.7 views

CVE-2019-16564

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...

5.4CVSS5.7AI score0.00688EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:37 a.m.10 views

CVE-2023-28670

Jenkins Pipeline Aggregator View Plugin 1.13 and earlier does not escape a variable representing the current view's URL in inline JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...

5.4CVSS5.3AI score0.00456EPSS
Exploits0References1
Prion
Prion
added 2023/04/02 9:15 p.m.13 views

Cross site scripting

Jenkins Pipeline Aggregator View Plugin 1.13 and earlier does not escape a variable representing the current view's URL in inline JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...

4.9CVSS5.2AI score0.00456EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.3 views

Jenkins Plugins Pipeline Aggregator View 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.4CVSS5.4AI score0.00456EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/23 12:0 a.m.5 views

PT-2023-21891 · Jenkins · Jenkins Pipeline Aggregator View Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline Aggregator View Plugin versions 1.13 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because a variable representing the current view's URL is not properly escaped i...

8CVSS5AI score0.00456EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2022/02/16 12:1 a.m.5 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +94 more potentially affected by CVE-2022-25173 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.92)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2022-25173 Source advisory: OSV:GHSA-4M7P-55JM-3VW...

8.8CVSS7.2AI score0.01422EPSS
Exploits0
OSV
OSV
added 2019/12/17 3:15 p.m.3 views

CVE-2019-16564

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...

5.4CVSS6.1AI score0.00688EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/12/17 2:40 p.m.22 views

CVE-2019-16564

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...

5.2AI score0.00688EPSS
Exploits0References2
CVE
CVE
added 2019/12/17 2:40 p.m.59 views

CVE-2019-16564

The CVE-2019-16564 issue affects Jenkins Pipeline Aggregator View Plugin versions 1.8 and earlier, where the view content is not escaped, enabling stored XSS. The Red Hat advisory and related advisories confirm the root cause is unsanitized view content such as job display names or pipeline stage...

5.4CVSS5.2AI score0.00688EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/12/17 12:0 a.m.7 views

PT-2019-14719 · Jenkins · Jenkins Pipeline Aggregator View Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline Aggregator View Plugin versions 1.8 and earlier Description: The issue results in a stored XSS vulnerability, which can be exploited by attackers who can affect view content, such as job display names or pipeline stage names...

5.4CVSS5.1AI score0.00688EPSS
Exploits0References5
Rows per page
Query Builder