8 matches found
EUVD-2022-5188
Malicious code in bioql PyPI...
Jenkins Active Choices Plugin Cross-Site Scripting (CVE-2021-21699)
A stored cross-site scripting vulnerability exists in Jenkins Active Choices Plugin. This vulnerability is due to insufficient validation of parameter name of reactive parameters and dynamic reference parameters...
CVE-2021-21699
Jenkins Active Choices Plugin 2.5.6 and earlier does not escape the parameter name of reactive parameters and dynamic reference parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2290
Jenkins Active Choices Plugin 2.4 and earlier does not escape some return values of sandboxed scripts for Reactive Reference Parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2290
Jenkins Active Choices Plugin 2.4 and earlier does not escape some return values of sandboxed scripts for Reactive Reference Parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
Cross site scripting
Jenkins Active Choices Plugin 2.4 and earlier does not escape some return values of sandboxed scripts for Reactive Reference Parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2019-7732
In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field username, realm, nonce, uri, or response, only the last instance can ever be freed...
Coppermine Photo Gallery Cross-Site Scripting Vulnerability
Coppermine Photo Gallery is a WEB-based graphics gallery management program. A cross-site scripting vulnerability exists in Coppermine Photo Gallery versions prior to 1.5.36, which allows remote, authenticated users to inject arbitrary web script or HTML via reference parameters...