28 matches found
Input validation
Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0...
CVE-2022-38123 Insufficient validation of plugin files
Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0...
GHSA-2PP9-R4RV-6P6J Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
An exposure of sensitive information vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Plugin.java that allows attackers to determine the date and time when a plugin HPI/JPI file was last extracted, which typically is the date of the most recent installation/upgrade...
GHSA-X274-9M9R-FM5G Jenkins does not Verify Checksums for Plugin Files
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin...
PT-2021-14402 · Helm +1
Name of the Vulnerable Software and Affected Versions: Helm versions 3.0 through 3.5.2 Description: Helm, a tool for managing Charts in Kubernetes, has cases where data loaded from potentially untrusted sources was not properly sanitized. This includes invalid SemVer in the version field of a...
Cagintranet Networks GetSimple CMS Information Disclosure Vulnerability
Cagintranet Networks GetSimple CMS is an XML-based content management system (CMS) from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A security vulnerability exists in Cagintranet Networks GetSimple CMS version 3.3....
WordPress ShrimpTest Plugin <= 1.0b2 - Cross Site Scripting
This plugin is prone to an unspecified cross site scripting vulnerability in plugins/metric-conversion.php, plugins/plugin-notification.php, plugins/variant-shortcode.php, admin/experiments.php and admin/experiment-new.php parameters. Solution: Update this plugin...