Jenkins Plugin JAPEX 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A code issue vulnerabilit...

Stored XSS vulnerability in Jenkins FindBugs Plugin

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step...

GHSA-24G8-35X9-FV8R Stored XSS vulnerability in Jenkins FindBugs Plugin

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step...

CVE-2020-2317

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step...

CVE-2020-2317

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step...

PT-2020-15487 · Jenkins · Jenkins Android Lint Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Android Lint Plugin versions 2.6 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the plugin does not escape the annotation message in tooltips. This can be exploited ...

PT-2019-14699 · Jenkins · Jenkins Qmetry For Jira - Test Management Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins QMetry for JIRA - Test Management Plugin versions 1.12 and earlier Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master or controller. This allows users with...