7 matches found
EUVD-2023-2768
Malicious code in bioql PyPI...
Jenkins Edgewall Trac Plugin vulnerable to Stored XSS
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix...
CVE-2023-46659
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2023-46659
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2023-46659
Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape the Trac website URL on the build page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2023-46659
CVE-2023-46659 concerns Jenkins Builder: Edgewall Trac Plugin versions 1.13 and earlier. The vulnerability is a stored cross-site scripting (XSS) issue caused by the plugin not escaping the Trac website URL on the build page. Exploitation requires Item/Configure permission, enabling an attacker t...
PT-2023-30145 · Jenkins · Jenkins Edgewall Trac Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Edgewall Trac Plugin versions 1.13 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability because the Trac website URL on the build page is not escaped. This vulnerability is exploitable by...