3 matches found
jenkins: stored XSS vulnerability in project naming strategy
A flaw was found in Jenkins in versions prior to 2.251 and LTS 2.235.3. The project naming strategy description, displayed on item creation, is not properly escaped. This can result in a stored cross-site scripting XSS vulnerability exploitable by users with Overall/Manage permissions. The highes...
CloudBees Jenkins and LTS Cross-Site Scripting Vulnerability (CNVD-2020-46328)
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...
CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2020-46299)
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...