9 matches found
EUVD-2022-3371
Malicious code in bioql PyPI...
Jenkins Cross-site Scripting vulnerability in project naming strategy
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, that is displayed on item creation.\n\nThis results in a stored cross-site scripting XSS vulnerability exploitable by users with Overall/Manage permission.\n\nJenkins 2.252, LTS 2.235.4...
GHSA-9G4M-FFX6-C29G Jenkins Cross-site Scripting vulnerability in project naming strategy
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, that is displayed on item creation.\n\nThis results in a stored cross-site scripting XSS vulnerability exploitable by users with Overall/Manage permission.\n\nJenkins 2.252, LTS 2.235.4...
jenkins: stored XSS vulnerability in project naming strategy
A flaw was found in Jenkins in versions prior to 2.251 and LTS 2.235.3. The project naming strategy description, displayed on item creation, is not properly escaped. This can result in a stored cross-site scripting XSS vulnerability exploitable by users with Overall/Manage permissions. The highes...
Cross-site Scripting (XSS)
jenkins is vulnerable to cross-site scripting XSS. The vulnerability exists through the project naming strategy...
jenkins: stored XSS vulnerability in project naming strategy
A flaw was found in Jenkins in versions prior to 2.251 and LTS 2.235.3. The project naming strategy description, displayed on item creation, is not properly escaped. This can result in a stored cross-site scripting XSS vulnerability exploitable by users with Overall/Manage permissions. The highes...
jenkins: stored XSS vulnerability in project naming strategy
A flaw was found in Jenkins in versions prior to 2.251 and LTS 2.235.3. The project naming strategy description, displayed on item creation, is not properly escaped. This can result in a stored cross-site scripting XSS vulnerability exploitable by users with Overall/Manage permissions. The highes...
FreeBSD : jenkins -- multiple vulnerabilities (eef0d2d9-78c0-441e-8b03-454c5baebe20)
Jenkins Security Advisory : DescriptionHigh SECURITY-1955 / CVE-2020-2229 Stored XSS vulnerability in help icons High SECURITY-1957 / CVE-2020-2230 Stored XSS vulnerability in project naming strategy High SECURITY-1960 / CVE-2020-2231 Stored XSS vulnerability in 'Trigger builds remotely' C Tenabl...
PT-2020-15451 · Jenkins · Jenkins
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.251 and earlier Jenkins LTS versions 2.235.3 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the project naming strategy description is not properly escaped...