Lucene search

K
JenkinsGerrit Trigger

6 matches found

CVE
CVE
added 2022/04/12 8:15 p.m.87 views

CVE-2022-29039

Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

5.4CVSS5.4AI score0.31598EPSS
CVE
CVE
added 2023/01/26 9:18 p.m.64 views

CVE-2023-24423

A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.

6.5CVSS6.3AI score0.00136EPSS
CVE
CVE
added 2019/12/17 3:15 p.m.57 views

CVE-2019-16551

A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.

8.8CVSS8.6AI score0.0011EPSS
CVE
CVE
added 2019/12/17 3:15 p.m.57 views

CVE-2019-16552

A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins master.

5.5CVSS5.3AI score0.00031EPSS
CVE
CVE
added 2018/03/13 1:29 p.m.53 views

CVE-2018-1000105

An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit in Jenkins.

4.3CVSS4.3AI score0.00031EPSS
CVE
CVE
added 2018/03/13 1:29 p.m.45 views

CVE-2018-1000106

An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to modify the Gerrit configuration in Jenkins.

5.5CVSS5.3AI score0.00088EPSS