EUVD-2022-6400

Malicious code in bioql PyPI...

EUVD-2022-6220

Malicious code in bioql PyPI...

Jenkins XPath Configuration Viewer存在未明漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plug-ins to support building, deploying, and automating any project. Jenkins XPath Configuration Viewer has a security vulnerability that stems...

Jenkins XPath Configuration Viewer Plugin跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site request forgery...

GHSA-QM37-C4W6-H9V9 Missing Authorization in Jenkins XPath Configuration Viewer Plugin

XPath Configuration Viewer Plugin 1.1.1 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to access the XPath Configuration Viewer page. Given appropriate XPath expressions, this page grants access to job configuration XML data...

GHSA-3Q7F-W8FR-368V Cross-Site Request Forgery in Jenkins XPath Configuration Viewer Plugin

A cross-site request forgery CSRF vulnerability in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers to create and delete XPath expressions...

Cross-Site Request Forgery in Jenkins XPath Configuration Viewer Plugin

A cross-site request forgery CSRF vulnerability in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers to create and delete XPath expressions...

CVE-2022-34812

A cross-site request forgery CSRF vulnerability in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers to create and delete XPath expressions...

CVE-2022-34813

A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to create and delete XPath expressions...

CVE-2022-34811

A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to access the XPath Configuration Viewer page...

CVE-2022-34813

A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to create and delete XPath expressions...

Default configuration

A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to access the XPath Configuration Viewer page...

CVE-2022-34813

A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to create and delete XPath expressions...

CVE-2022-34813

CVE-2022-34813 affects Jenkins XPath Configuration Viewer Plugin versions 1.1.1 and earlier. The root cause is a missing permission check in several HTTP endpoints, allowing users with Overall/Read permission to create and delete XPath expressions. Some advisories also note CSRF risk due to endpo...

CVE-2022-34812

CVE-2022-34812 is a cross-site request forgery (CSRF) vulnerability in Jenkins XPath Configuration Viewer Plugin versions 1.1.1 and earlier. The issue allows attackers with the user’s or an attacker’s access to perform create and delete XPath expressions, as stated in the CVE description and mult...

CVE-2022-34811

A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to access the XPath Configuration Viewer page...

CVE-2022-34811

CVE-2022-34811: Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier has a missing permission check that allows users with Overall/Read to access the XPath Configuration Viewer page. The issue, described in multiple sources (NVD, CVE lists, OSS advisories), can expose the XPath configurati...

Jenkins Plugin XPath Configuration Viewer 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins XPath Configuration Viewer Plugin...

Jenkins Plugin XPath Configuration Viewer 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site request forgery...

PT-2022-22365 · Jenkins · Jenkins Xpath Configuration Viewer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins XPath Configuration Viewer Plugin versions 1.1.1 and earlier Description: A missing permission check in the Jenkins XPath Configuration Viewer Plugin allows attackers with Overall/Read permission to create and delete XPath expressions...