Lucene search
+L

7 matches found

OSV
OSV
added 2024/03/06 10:56 a.m.40 views

BIT-JENKINS-2023-27898

Jenkins LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able t...

9.6CVSS8.4AI score0.0184EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/06/19 10:15 a.m.12 views

Jenkins: XSS vulnerability in plugin manager

A flaw was found in Jenkins. Affected versions of Jenkins do not escape the Jenkins version that a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This issue results in a stored Cross-site scripting XSS...

9.6CVSS7.3AI score0.0184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/04/12 12:2 p.m.4 views

Jenkins: XSS vulnerability in plugin manager

A flaw was found in Jenkins. Affected versions of Jenkins do not escape the Jenkins version that a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This issue results in a stored Cross-site scripting XSS...

9.6CVSS7.3AI score0.0184EPSS
Exploits0References5
OSV
OSV
added 2023/03/10 9:30 p.m.2 views

GHSA-J664-QHH4-HPF8 Cross-site Scripting vulnerability in Jenkins

Jenkins 2.270 through 2.393 both inclusive, LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting XSS...

8.8CVSS7.2AI score0.0184EPSS
Exploits0References3
OSV
OSV
added 2023/03/10 9:15 p.m.30 views

CVE-2023-27898

Jenkins 2.270 through 2.393 both inclusive, LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting XSS...

9.6CVSS8.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/08 12:0 a.m.5 views

PT-2023-2258 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.270 through 2.393 Jenkins LTS versions 2.277.1 through 2.375.3 Description: The issue is related to errors in handling HTTP headers, which can allow a remote attacker to perform cross-site scripting XSS attacks. The...

9.6CVSS8.4AI score0.0184EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2016/07/14 12:0 a.m.28 views

Fedora 23 : wordpress (2016-cf91320535)

WordPress 4.5.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. See the Release announcement ---- Version 4.5.1 of WordPress is available and fixes 12 bugs. See Release announcement Note that Tenable Network...

6.1CVSS6.1AI score0.05361EPSS
Exploits0References3
Rows per page
Query Builder