1464 matches found
SECURITY-659
Bulletin has no description...
SECURITY-660
Bulletin has no description...
SECURITY-521
Bulletin has no description...
SECURITY-657
Bulletin has no description...
SECURITY-694
Bulletin has no description...
SECURITY-656
Bulletin has no description...
SECURITY-658
Bulletin has no description...
SECURITY-695
Bulletin has no description...
SECURITY-675
Bulletin has no description...
SECURITY-607
Bulletin has no description...
SECURITY-655
Bulletin has no description...
SECURITY-507
Bulletin has no description...
Persisted XSS vulnerability in autocompletion suggestions
Autocompletion suggestions for text fields were not escaped, resulting in a persisted cross-site scripting vulnerability if the source for the suggestions allowed specifying text that includes HTML metacharacters like less-than and greater-than characters. Known previously unsafe sources for thes...
Unsafe use of user names as directory names
Jenkins stores metadata related to people, which encompasses actual user accounts, as well as users appearing in SCM, in directories corresponding to the user ID on disk. These directories used the user ID for their name without additional escaping. This potentially resulted in a number of...