9 matches found
EUVD-2022-2135
Malicious code in bioql PyPI...
CVE-2018-1000202
A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...
GHSA-38CH-X695-M794 Jenkins Groovy Postbuild Plugin vulnerable to Cross-site Scripting
A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...
Jenkins Groovy Postbuild Plugin vulnerable to Cross-site Scripting
A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...
CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2018-11102)
CloudBees Jenkins is the U.S. CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Groovy Postbuild Plugin is to use one of the...
Cross site scripting
A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...
CVE-2018-1000202
A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...
CVE-2018-1000202
A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI...
CVE-2018-1000202
CVE-2018-1000202 is a persisted cross-site scripting vulnerability affecting Jenkins Groovy Postbuild Plugin (versions 2.3.1 and earlier). The issue arises in various Jelly files that allow an attacker who can control build badge content to inject JavaScript executed in another user’s browser dur...