4 results (0.012 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners. Las versiones anteriores a la 5.8.2 de Inedo BuildMaster no restringen correctamente la creación de escuchas de eventos RequireManageAllPrivileges. • https://inedo.com/blog/buildmaster-582-released https://inedo.com/buildmaster/versions#v5.8 https://inedo.myjetbrains.com/youtrack/issue/BM-3107 • CWE-269: Improper Privilege Management •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites. Una vulnerabilidad de redirección abierta en Inedo BuildMaster en versiones anteriores a la 5.8.2 permite que atacantes remotos redireccionen usuarios a sitios web arbitrarios. • https://inedo.com/blog/buildmaster-582-released https://inedo.com/buildmaster/versions#v5.8 https://inedo.myjetbrains.com/youtrack/issue/BM-3101 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Inedo BuildMaster before 5.8.2 has XSS. Las versiones anteriores a la 5.8.2 de Inedo BuildMaster tienen Cross-Site Scripting (XSS). • https://inedo.com/blog/buildmaster-582-released https://inedo.myjetbrains.com/youtrack/issue/BM-3100 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used. En versiones anteriores a la 5.8.2 de Inedo BuildMaster, se utilizó XslTransform donde se debería haber empleado XslCompiledTransform. • https://gitlab.com/inedo/buildmaster/commit/4f4c737fefe44c3227535946f535fb7ef468d721 https://inedo.com/blog/buildmaster-582-released https://inedo.com/buildmaster/versions#v5.8 https://inedo.myjetbrains.com/youtrack/issue/BM-3108 https://inedo.myjetbrains.com/youtrack/issue/EDO-3334 •