GHSA-F6MG-HMFP-6GRW Stored XSS vulnerability in Coverage/Complexity Scatter Plot Plugin

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not escape the method information in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

Stored XSS vulnerability in Coverage/Complexity Scatter Plot Plugin

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not escape the method information in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

GHSA-8RX6-V5Q4-XW3J enkins Coverage/Complexity Scatter Plot Plugin XML External Entity Reference vulnerability

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control the input files for the 'Public Coverage / Complexity Scatter Plot' post-build step to have Jenkins parse a crafted...

CVE-2022-28154

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-28154

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-28154

CVE-2022-28154 affects the Jenkins Coverage/Complexity Scatter Plot Plugin (version 1.1.1 and earlier). The root cause is that the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks. This can allow an attacker who can provide crafted input files to cause XXE proces...

Jenkins Coverage/Complexity Scatter Plot Plugin 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An XML external entity injection...

Exif-Gps-Tracer - A Python Script Which Allows You To Parse GeoLocation Data From Your Image Files Stored In A dataset

A python script which allows you to parse GeoLocation data from your Image files stored in a dataset.It also produces output in CSV file and also in HTML Google Maps Prerequisite To run this script fluently , 1 You should have Google Maps API 2 You should enable Map JavaScript API in Console To g...

CVE-2020-2265

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not escape the method information in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

Cross site scripting

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not escape the method information in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

PT-2020-15490 · Jenkins · Jenkins Coverage/Complexity Scatter Plot Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Coverage/Complexity Scatter Plot Plugin versions 1.1.1 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the plugin does not escape the method information in tooltips,...

Cross-Site Scripting (XSS)

plotly.js is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary javascript by creating a scatter plot with 2 traces and editing the name of one of the traces to contain malicious javascript. The javascript will be executed on hovering over the affect...