20 matches found
EUVD-2022-2321
Malicious code in bioql PyPI...
CVE-2023-32985
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
Path Traversal
Jenkins Sidebar Link Plugin is vulnerable to Path Traversal. The vulnerability exists because the path of files is not properly restricted, which allows an attacker to access the userContent/ directory and check for the existence of a specific file...
Jenkins Sidebar Link Plugin vulnerable to Path Traversal
Jenkins Sidebar Link Plugin allows specifying files in the userContent/ directory for use as link icons. Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation. This allows attackers with Overall/Read permission to check for the existenc...
GHSA-PP8M-PRR7-WR8W Jenkins Sidebar Link Plugin vulnerable to Path Traversal
Jenkins Sidebar Link Plugin allows specifying files in the userContent/ directory for use as link icons. Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation. This allows attackers with Overall/Read permission to check for the existenc...
CVE-2023-32985
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2023-32985
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2023-32985
The CVE-2023-32985 issue affects the Jenkins Sidebar Link Plugin (version 2.2.1 and earlier). It allows path traversal by not properly restricting the path of files during a form-validation operation, enabling attackers with Overall/Read permission to check whether an attacker-specified file path...
Jenkins Plugin Sidebar Link Path Traversal Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application: an open source automation server. Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
PT-2023-24118 · Jenkins · Jenkins Sidebar Link Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Sidebar Link Plugin versions 2.2.1 and earlier Description: The issue allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. This is due to th...
SUSE CVE-2005-2264
Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the search target, then injecting script into other pages via a data: URL...
Persisted XSS Vulnerability in Jenkins Sidebar Link Plugin
The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links...
GHSA-477R-V22Q-R42F Persisted XSS Vulnerability in Jenkins Sidebar Link Plugin
The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links...
Jenkins Sidebar Link Plugin Cross-Site Scripting Vulnerability
CloudBees Jenkins is a Java-based continuous integration tool from the US company CloudBees. It is mainly used to monitor continuous software release/testing projects and some scheduled tasks. Sidebar Link plugin is one of the...
CVE-2017-1000088
The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links...
CVE-2017-1000088
The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links...
Input validation
The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links...
CVE-2017-1000088
The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links...
CVE-2017-1000088
The CVE concerns Jenkins Sidebar Link Plugin. The root cause is lack of input validation for sidebar entries configured by users, enabling javascript: schemes to be used in links. This leads to cross-site scripting (XSS) in affected Jenkins objects. Connected advisories (GHSA and CNVD variants) c...
security flaw
Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the search target, then injecting script into other pages via a data: URL...