15 matches found
EUVD-2024-3392
Malicious code in bioql PyPI...
CVE-2024-54003
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Create permission...
CVE-2024-54003
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Create permission...
CVE-2024-54003
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Create permission...
CVE-2024-54003
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Create permission...
CVE-2024-54003
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Create permission...
CVE-2024-54003
CVE-2024-54003 : Jenkins Simple Queue Plugin versions 1.4.4 and earlier are affected by a stored XSS due to the view name not being escaped, exploitable by attackers with View/Create permission. Root cause identified as failure to escape the view name. Impact aligns with high-severity in the CVSS...
PT-2024-36010 · Jenkins · Jenkins Simple Queue Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Simple Queue Plugin versions 1.4.4 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability because the view name is not escaped. This vulnerability is exploitable by attackers with View/Create...
CVE-2024-4687
A vulnerability classified as problematic has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/createevents.php. The manipulation of the argument myindex leads to cross site scripting. It is possible to launch the attack...
PT-2024-32263 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A problematic issue has been discovered, affecting an unknown function of the file /view/create events.php. The manipulation of the my index argument leads to...
jenkins: view name validation bypass
A flaw was found in Jenkins. Due to lack of validation of the newly created view name, an attackers with View/Create permission are allowed to create views with invalid or already-used names...
CVE-2021-21640
A flaw was found in Jenkins. Due to lack of validation of the newly created view name, an attackers with View/Create permission are allowed to create views with invalid or already-used names...
CVE-2021-21640
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid or already-used names...
CVE-2021-21640
CVE-2021-21640 affects Jenkins 2.286 and earlier, and LTS 2.277.1 and earlier. The vulnerability is a view name validation bypass: when creating a new view, the submitted name is not consistently validated, allowing attackers with View/Create permission to create views with invalid or already-use...
CVE-2021-21640
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid or already-used names...