10 matches found
CVE-2019-16564
Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...
CVE-2023-28670
Jenkins Pipeline Aggregator View Plugin 1.13 and earlier does not escape a variable representing the current view's URL in inline JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...
Cross site scripting
Jenkins Pipeline Aggregator View Plugin 1.13 and earlier does not escape a variable representing the current view's URL in inline JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...
Jenkins Plugins Pipeline Aggregator View 跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2023-21891 · Jenkins · Jenkins Pipeline Aggregator View Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline Aggregator View Plugin versions 1.13 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because a variable representing the current view's URL is not properly escaped i...
com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +94 more potentially affected by CVE-2022-25173 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.92)
org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2022-25173 Source advisory: OSV:GHSA-4M7P-55JM-3VW...
CVE-2019-16564
Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...
CVE-2019-16564
Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...
CVE-2019-16564
The CVE-2019-16564 issue affects Jenkins Pipeline Aggregator View Plugin versions 1.8 and earlier, where the view content is not escaped, enabling stored XSS. The Red Hat advisory and related advisories confirm the root cause is unsanitized view content such as job display names or pipeline stage...
PT-2019-14719 · Jenkins · Jenkins Pipeline Aggregator View Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline Aggregator View Plugin versions 1.8 and earlier Description: The issue results in a stored XSS vulnerability, which can be exploited by attackers who can affect view content, such as job display names or pipeline stage names...