Lucene search
+L

10 matches found

osv
osv
added 2023/08/16 3:30 p.m.17 views

GHSA-JG35-VF67-GG2J Jenkins Shortcut Job Plugin stored cross-site scripting vulnerability

Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs. Shortcut Job Plugin 0.5 escapes the shortcut redirection URL...

8CVSS5.4AI score0.00416EPSS
Exploits0References3
github
github
added 2023/08/16 3:30 p.m.27 views

Jenkins Shortcut Job Plugin stored cross-site scripting vulnerability

Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs. Shortcut Job Plugin 0.5 escapes the shortcut redirection URL...

5.4CVSS5.6AI score0.00416EPSS
Exploits0References4Affected Software1
osv
osv
added 2023/08/16 3:15 p.m.4 views

CVE-2023-40346

Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...

5.4CVSS5.7AI score0.00416EPSS
Exploits0References2
nvd
nvd
added 2023/08/16 3:15 p.m.25 views

CVE-2023-40346

Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...

5.4CVSS5.3AI score0.00416EPSS
Exploits0References2
prion
prion
added 2023/08/16 3:15 p.m.17 views

Cross site scripting

Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...

4.9CVSS5.2AI score0.00416EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2023/08/16 2:32 p.m.10 views

CVE-2023-40346

Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...

5.7AI score0.00416EPSS
Exploits0References2
cve
cve
added 2023/08/16 2:32 p.m.235 views

CVE-2023-40346

Jenkins Shortcut Job Plugin 0.4 and earlier has a stored XSS vulnerability due to not escaping the shortcut redirection URL, exploitable by attackers who can configure shortcut jobs. The advisory notes that Shortcut Job Plugin 0.5 escapes the shortcut redirection URL, mitigating the issue. Affect...

5.4CVSS5.2AI score0.00416EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/08/16 2:32 p.m.32 views

CVE-2023-40346

Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...

5.7AI score0.00416EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2023/08/16 12:0 a.m.3 views

PT-2023-27404 · Jenkins · Jenkins Shortcut Job Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Shortcut Job Plugin versions 0.4 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the Jenkins Shortcut Job Plugin does not escape the shortcut redirection URL, making ...

8CVSS5.1AI score0.00416EPSS
Exploits0References9
cnnvd
cnnvd
added 2023/08/16 12:0 a.m.4 views

Jenkins Plugin Shortcut Job 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site scripting...

5.4CVSS5.6AI score0.00416EPSS
Exploits0References5
Rows per page
Query Builder