3 matches found
TestComplete support Plugin vulnerable to stored Cross-site Scripting
TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name in its test result page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix...
GHSA-5WPG-QCMJ-48WH TestComplete support Plugin vulnerable to stored Cross-site Scripting
TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name in its test result page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix...
GHSA-7P6G-GR9G-VFX6 Jenkins LoadComplete support Plugin Cross-site Scripting vulnerability
Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name in its test result page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix...