Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

167 matches found

Prion
Prionadded 2018/07/16 1:29 p.m.14 views

Cross site scripting

The NotificationRepresentationFactoryImpl class in Atlassian Universal Plugin Manager before version 2.22.9 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the name of user submitted add-on names...

3.5CVSS5.2AI score0.00175EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2018/07/16 1:0 p.m.31 views

CVE-2018-5229

The NotificationRepresentationFactoryImpl class in Atlassian Universal Plugin Manager before version 2.22.9 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the name of user submitted add-on names...

5.2AI score0.00175EPSS
Exploits0References1
CVE
CVEadded 2018/07/16 1:0 p.m.54 views

CVE-2018-5229

The CVE concerns Atlassian Universal Plugin Manager (UPM). The vulnerability is a Cross-Site Scripting (XSS) in the NotificationRepresentationFactoryImpl class that affects UPM versions before 2.22.9, allowing an attacker to inject arbitrary HTML/JavaScript via user-submitted add-on names. Public...

5.4CVSS5.1AI score0.00175EPSS
Exploits0References1Affected Software1
Atlassian
Atlassianadded 2018/03/23 6:40 a.m.537 views

The bundled Atlassian Universal Plugin Manager plugin had a XSS issue - CVE-2018-5229

The version of the bundled Atlassian Universal Plugin Manager plugin had a cross site scripting vulnerability XSS. See https://ecosystem.atlassian.net/browse/UPM-5871 for more details...

5.4CVSS1.5AI score0.00175EPSS
Exploits0Affected Software1
Atlassian
Atlassianadded 2018/03/23 6:40 a.m.30 views

The bundled Atlassian Universal Plugin Manager plugin had a XSS issue - CVE-2018-5229

The version of the bundled Atlassian Universal Plugin Manager plugin had a cross site scripting vulnerability XSS. See https://ecosystem.atlassian.net/browse/UPM-5871 for more details...

5.4CVSS1.5AI score0.00175EPSS
Exploits0
Metasploit
Metasploitadded 2018/02/22 3:43 p.m.31 views

Atlassian Jira Authenticated Upload Code Execution

This module can be used to execute a payload on Atlassian Jira via the Universal Plugin ManagerUPM. The module requires valid login credentials to an account that has access to the plugin manager. The payload is uploaded as a JAR archive containing a servlet using a POST request against the UPM...

7.4AI score
Exploits0
Atlassian
Atlassianadded 2018/02/07 10:18 p.m.28 views

The bundled Atlassian Universal Plugin Manager plugin had a XSS issue - CVE-2018-5229

The version of the bundled Atlassian Universal Plugin Manager plugin had a cross site scripting vulnerability XSS. See https://ecosystem.atlassian.net/browse/UPM-5871 for more details...

5.4CVSS1.5AI score0.00175EPSS
Exploits0
Atlassian
Atlassianadded 2018/02/07 10:18 p.m.42 views

The bundled Atlassian Universal Plugin Manager plugin had a XSS issue - CVE-2018-5229

The version of the bundled Atlassian Universal Plugin Manager plugin had a cross site scripting vulnerability XSS. See https://ecosystem.atlassian.net/browse/UPM-5871 for more details...

5.4CVSS1.5AI score0.00175EPSS
Exploits0Affected Software1
Atlassian
Atlassianadded 2018/02/07 10:17 p.m.58 views

The bundled Atlassian Universal Plugin Manager plugin had a XSS issue - CVE-2018-5229

The version of the bundled Atlassian Universal Plugin Manager plugin had a cross site scripting vulnerability XSS. See https://ecosystem.atlassian.net/browse/UPM-5871 for more details...

5.4CVSS1.5AI score0.00175EPSS
Exploits0Affected Software1
Atlassian
Atlassianadded 2018/02/07 10:17 p.m.22 views

The bundled Atlassian Universal Plugin Manager plugin had a XSS issue - CVE-2018-5229

The version of the bundled Atlassian Universal Plugin Manager plugin had a cross site scripting vulnerability XSS. See https://ecosystem.atlassian.net/browse/UPM-5871 for more details...

5.4CVSS1.5AI score0.00175EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2016/03/22 4:49 p.m.1 views

jenkins: Jenkins plugin manager vulnerable to MITM attacks (SECURITY-234)

The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin...

7.6CVSS7.7AI score0.00768EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2016/01/26 7:12 p.m.0 views

jenkins: Jenkins plugin manager vulnerable to MITM attacks (SECURITY-234)

The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin...

7.6CVSS7.7AI score0.00768EPSS
Exploits0References5
Veeam
Veeamadded 2015/06/17 12:0 a.m.11 views

Uninstalling Veeam Backup & Replication plug-in for Labtech

Challenge Uninstalling the plug-in using Plugin Manager only removes it from the list of plugins but leaves Veeam components reports, monitors, etc. and database data intact. Cause Uninstalling the Veeam Backup & Replication Plug-in by means of the LabTech Plugin Manager is not supported. If you...

7.4AI score
Exploits0
Atlassian
Atlassianadded 2015/06/04 10:6 p.m.16 views

Remove old plugin manager

The old plugin manager is still available in confluence if you know the URL ../admin/viewplugins.action it looks quite terrible and given it is almost an unknown feature most of the current Confluence Team would not know to fix it if there are security problems with it. It was kept when we put UP...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassianadded 2015/06/04 10:6 p.m.13 views

Remove old plugin manager

The old plugin manager is still available in confluence if you know the URL ../admin/viewplugins.action it looks quite terrible and given it is almost an unknown feature most of the current Confluence Team would not know to fix it if there are security problems with it. It was kept when we put UP...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassianadded 2015/06/04 10:6 p.m.27 views

Remove old plugin manager

The old plugin manager is still available in confluence if you know the URL ../admin/viewplugins.action it looks quite terrible and given it is almost an unknown feature most of the current Confluence Team would not know to fix it if there are security problems with it. It was kept when we put UP...

0.5AI score
Exploits0
Patchstack
Patchstackadded 2015/05/15 12:0 a.m.12 views

WordPress Multisite Plugin Manager Plugin <= 3.1.1 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

2.3AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDBadded 2014/08/01 10:58 a.m.5 views

Multisite plugin Manager 3.1.1 - Two Cross-Site Scripting Vulnerabilities

The Multisite Plugin Manager WordPress plugin was affected by a Two Cross-Site Scripting Vulnerabilities security vulnerability...

2AI score
Exploits0Affected Software1
NVD
NVDadded 2014/07/02 6:55 p.m.7 views

CVE-2014-4593

Cross-site scripting XSS vulnerability in wp-plugins-net/index.php in the WP Plugin Manager wppm plugin 1.6.4.b and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filter parameter...

4.3CVSS5.8AI score0.00174EPSS
Exploits1References1
Prion
Prionadded 2014/07/02 6:55 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in wp-plugins-net/index.php in the WP Plugin Manager wppm plugin 1.6.4.b and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filter parameter...

4.3CVSS6.2AI score0.00174EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder