12 matches found
EUVD-2023-0467
Malicious code in bioql PyPI...
CVE-2023-33002
Jenkins TestComplete support Plugin 2.8.1 and earlier does not escape the TestComplete project name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
Jenkins TestComplete support Plugin cross-site scripting vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
CVE-2023-24443
Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
XXE
Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
PT-2023-19603 · Jenkins · Jenkins Testcomplete Support Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins TestComplete support Plugin versions 2.8.1 and earlier
Description: The issue is related to the configuration of the XML parser, which does not prevent XML external entity (XXE) attacks. This allows for potential exploitation...
CVE-2023-24443
Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
GHSA-R32R-F6WR-CC3W Password stored in plain text by Jenkins TestComplete support Plugin
Jenkins TestComplete support Plugin prior to version 2.5.2 stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system. Version 2.5.2 contains a patch for this issue...
CVE-2020-2209
Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2020-2209
Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...
PT-2020-15424 · Jenkins · Jenkins Testcomplete Support Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins TestComplete support Plugin versions 2.4.1 and earlier
Description: The issue allows storage of a password unencrypted in job config.xml files on the Jenkins master. This can be viewed by users with Extended Read permission or access ...