Subversion Security Vulnerabilities and Issues — Subversion CVE List

Lucene search

JenkinsSubversion

3 matches found

CVE•added 2022/04/12 8:15 p.m.•181 views

CVE-2022-29046

Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

5.4CVSS5.2AI score0.01341EPSS

CVE•added 2020/02/12 3:15 p.m.•103 views

CVE-2020-2111

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.

5.4CVSS5.3AI score0.00083EPSS

CVE•added 2018/03/13 1:29 p.m.•62 views

CVE-2018-1000111

An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and earlier in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users.

5.3CVSS5AI score0.00038EPSS