8 matches found
GHSA-JG35-VF67-GG2J Jenkins Shortcut Job Plugin stored cross-site scripting vulnerability
Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs. Shortcut Job Plugin 0.5 escapes the shortcut redirection URL...
Jenkins Shortcut Job Plugin stored cross-site scripting vulnerability
Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs. Shortcut Job Plugin 0.5 escapes the shortcut redirection URL...
CVE-2023-40346
Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...
Cross site scripting
Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...
CVE-2023-40346
Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...
CVE-2023-40346
Jenkins Shortcut Job Plugin 0.4 and earlier has a stored XSS vulnerability due to not escaping the shortcut redirection URL, exploitable by attackers who can configure shortcut jobs. The advisory notes that Shortcut Job Plugin 0.5 escapes the shortcut redirection URL, mitigating the issue. Affect...
CVE-2023-40346
Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure shortcut jobs...
PT-2023-27404 · Jenkins · Jenkins Shortcut Job Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Shortcut Job Plugin versions 0.4 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the Jenkins Shortcut Job Plugin does not escape the shortcut redirection URL, making ...