CVE-2025-30210

Bruno is an open source IDE for exploring and testing APIs. Prior to 1.39.1, the custom tool-tip components which internally use react-tooltip were setting the content in this case the Environment name as raw HTML which then gets injected into DOM on hover. This, combined with loose Content...

Jenkins Extra Columns Plugin allows Cross-Site Scripting (XSS)

Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...

CVE-2016-3101

Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...

Cross site scripting

Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...

CVE-2016-3101

Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...

CVE-2016-3101

Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...